Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Contact the IC Information Security Office and provide them with the relevant information so that they may determine that all NIH information security requirements are met.

  2. Review the vendor's terms of service and privacy policy to ensure they are consistent with NIH policy and do not include terms that might place potential research participants at risk (such as disclosure of sensitive information to law enforcement).

  3. Contact your IC Privacy Officer to determine whether a Privacy Impact Analysis is needed.

  4. Provide a Privacy Act notification approved by your IC Privacy Office to the vendor to include on the webpage collecting participant information.
    • Additional information that participants may need to know with regard to the collection and storage of the data by a 3rd party may also need to be included in this disclosure.

  5. Ensure that any use of the NIH logo is permissible and consistent with NIH policies.

  6. Plans to use a 3rd party vendor for recruiting should be described in your protocol.

...