How can you be user-centred with your GDPR policy?
Let us put ourselves in the shoes of the user for a moment and consider what the General Data Protection Regulation (GDPR) means to them. In light of certain social media giants being questioned about their management of data, the general population are probably a little more switched on to how their data can be misused. However, it can be easy to forget that not all people who are participating in research are going to understand the implications of poor data management – it is our (and I am not just talking about People for Research here) responsibility to manage their data well.
Voluntary informed consent
Voluntary informed consent is a concept that I take for granted most clients know about and fully understand. However, with research and testing on the rise and more people becoming aware of the power of actually talking to your users, it is likely that more people will be approaching a research project without appropriate planning in this area.
Using the definition provided by the Market Research Society code of conduct, ‘voluntary informed consent’ means:
“Informed consent is a process by which a participant voluntarily confirms his or her willingness to take part in a particular project, after having been informed of all aspects of the project that are relevant to their decision to participate.”
As a recruiter, we always ask our clients what is going to happen during a research session and pass this on to our participants. For example, is the participant taking part in a group discussion and talking about their experiences in front of a group or in a 1-2-1 usability session talking solely to the researcher.
It is important to consider what this means from the person’s point of view – do people know what a ‘usability session’ is and how they should prepare for one?
Communicating with users
Most companies will send out one email to existing customers with a notice about how they are managing GDPR. They might even put some policy up in some far corner of their website about it. And then what?
Ongoing commitment to GDPR
At People for Research, we have taken this as an opportunity to look at the ongoing work we can do to help our participants understand data protection, and make sure we have their best interests in mind.
As a result, we have added a GDPR section to the template we use when working with clients, to capture information about their recruitment brief and make sure we can clearly inform the people we are including in our research.
People for Research have also been supporting the Participant Needs research protect, and we have been looking more carefully at the content we use to share information with our participants.
We have also created a guide to help people recruiting participants for research on sensitive subjects, and we have shared tips in our latest GDPR blog on things to consider when asking for certain types of data.
As a specific example, we recently recruited people for one of our public-sector clients who wanted to talk to people about the consent message that would be displayed on a certain type of opt-out. The client needed to talk to people who had concerns about using the internet: this included people with learning disabilities, mental health issues, and cognitive impairments, which mean they are likely to ask someone for help when doing things online.
It is essential that we take care at each stage of the recruitment process to ensure we are being transparent and clear, and allowing people time to question anything they are unsure of or potentially uncomfortable with. GDPR is a legal requirement, but it is also our moral and ethical responsibility to keep this at the forefront of our minds.
If your team would like further support on how to best assure their users’ data is being handled correctly, what actions to take to be compliant with GDPR and you think People for Research can help, then please get in touch by emailing firstname.lastname@example.org.
We’ve got our thinking #GDPR hat on! Check the latest blog about our user-centred approach to GDPR. Put yourself in the shoes of your users for a moment and consider what the new #data protection regulation means to them – https://t.co/JPSJoZxlwH#ux #ethics #userresearch pic.twitter.com/WId6KusAZB
— People for Research (@people4research) April 19, 2018
Recruiting from customer data
If you would like to find out more about our in-house participant recruitment service for user testing or market research get in touch on 0117 921 0008 or email@example.com.
About the author: Jess Lewes is passionate about making research user-centred, and she is a source of knowledge for how to approach the recruitment process to get the best results for your UX research and testing. Jess is available to speak at your event, conference or company workshop.
About People for Research: We recruit participants for UX and usability testing and market research. We work with award winning UX agencies across the UK and partner with a number of end clients leading the way with in-house user experience and insight.
Contact us for…
Pick our brains, we love chatting about people and how to find them.
Each brief is unique, for a cost for your particular brief, please contact us.
Viewing facility / usability lab
People for Research have a flexible lab space, with the ability to host usability testing, focus groups and in depth interviews.
- 0117 921 0008
People for Research
Queen Charlotte Street
91 Wimpole Street