Meridian Research Institute

Ethics & Data Protection

Meridian Research Institute operates under institutional-grade ethical standards and data protection protocols. This document outlines the principles, commitments, and specific protections that govern all Institute research activities.

Foundational Principles

The Institute's ethical framework rests on four foundational principles that govern all research design, data collection, and publication decisions:

Do No Harm

Research participation must not expose individuals or organizations to professional, reputational, or economic harm. Protections are designed conservatively—where uncertainty exists about potential harm, the more protective interpretation governs.

Informed Consent

All participants—organizational leaders and staff members—must understand what data is collected, how it will be used, who will have access, and what protections are in place. Consent is obtained before data collection begins.

Transparency of Method

Research methodology is public. Participants and readers can inspect the protocols that generate findings. The Institute does not rely on proprietary or concealed methods to establish credibility.

Independence from Commercial Interest

Research findings are not influenced by vendor relationships, participant payments, or consulting incentives. The Institute does not accept funding or participation arrangements that carry editorial influence.

Participant Categories and Protections

The Institute recognizes distinct participant categories, each with specific protection requirements:

Class A: Organizational Leaders

Principals, founders, and executives who authorize participation and provide leadership-perspective data. Protected by organizational anonymization in published outputs.

Class B: Participating Organizations

The organizations themselves. Protected by name removal, identifying detail suppression, and aggregation thresholds that prevent reverse attribution.

Class C: Staff Respondents

Operational staff who provide survey data. Protected by complete anonymization, aggregation before any external sharing, and absolute separation from leadership access.

Class D: Third Parties

Individuals or organizations mentioned in participant responses. Protected by exclusion from published data and strict non-attribution protocols.

Staff Data Protection

Staff respondents receive the highest level of protection. The Institute recognizes that candid staff reporting requires absolute assurance that responses cannot be attributed, accessed by leadership, or used in ways that create professional risk.

Core Protections

  • No attribution: Individual staff responses are never identified by name, role, team, or any combination of attributes that would permit identification
  • No leadership access: Organizational leaders never receive access to individual staff responses, response patterns that could identify individuals, or any data that has not been aggregated across the full respondent pool
  • Aggregation before analysis: Staff data is aggregated before any analysis that produces externally shared findings
  • Cell size rule: No finding is reported for any subgroup smaller than three respondents; this prevents identification through demographic or role-based narrowing

What This Means for Staff

If you are completing a staff survey for this research: your individual responses will not be seen by your employer. Your responses will be combined with responses from other staff members before any findings are produced. Nothing you report can be traced back to you.

Review the full Vault Protocol

Anonymization Standards

All participant data undergoes anonymization at the point of collection:

Organizational Anonymization

  • Organization names are replaced with neutral identifiers at data ingestion
  • Identifying details (location specificity, client names, unique service offerings) are removed or generalized
  • Combination attributes that could permit identification are suppressed

Individual Anonymization

  • Names are never collected in staff surveys
  • Role information is collected only at category level (e.g., "creative staff," not "Senior Designer")
  • Demographic information, where collected, is aggregated before analysis

Response Anonymization

  • Free-text responses are reviewed for identifying information before inclusion in analysis
  • Quotes used in publications are edited to remove identifying details while preserving meaning
  • No response is published that could reasonably be attributed to a specific individual or organization

Aggregation Threshold

The Institute enforces a minimum cell size rule across all published findings:

The n≥3 Rule: No finding is published unless supported by data from at least three distinct organizations or three distinct individuals (depending on the unit of analysis). This threshold prevents reverse attribution even when other characteristics might narrow the field.

Where data exists but falls below the aggregation threshold, the finding is either withheld or reported only at a higher level of aggregation that meets the threshold.

Data Access and Control

Who Has Access

  • Raw data: Principal Researcher only, under documented access protocols
  • Anonymized datasets: Principal Researcher and authorized research assistants operating under confidentiality agreements
  • Published findings: Public access to aggregate results; no access to underlying individual-level data

Participant Rights

All participants have the right to:

  • Understand what data is collected and how it will be used before consenting
  • Withdraw from the study at any time before data is anonymized and aggregated
  • Request confirmation of what data types have been collected about them
  • Request deletion of their data before aggregation (subject to the constraint that aggregated data cannot be disaggregated)
  • Receive a copy of published findings that include their contributed data

Data Retention and Destruction

Data retention is governed by research necessity and participant protection:

  • Raw data: Retained only as long as necessary for analysis and verification; destroyed according to documented schedules
  • Anonymized datasets: Retained for longitudinal comparison and methodological verification
  • Published findings: Permanent public record

Destruction protocols ensure that data is irrecoverably removed from all storage systems, including backups, when retention periods expire.

Review the Vault Protocol for detailed data handling procedures

Independence and Conflict of Interest

The Institute maintains research independence through structural separation from commercial interests:

  • The Institute does not provide consulting, implementation, or advisory services
  • Participation fees do not confer influence over findings or editorial control
  • The Institute does not accept vendor sponsorship that carries publication conditions
  • No Institute staff or researchers have undisclosed financial relationships with AI tool vendors

Any potential conflicts of interest are disclosed in research publications.

Accountability

Questions, concerns, or complaints about Institute ethics and data protection practices may be directed to:

Meridian Research Institute
ethics@meridianresearchinstitute.org

The Institute commits to responding to ethics inquiries within ten business days.