Confidentiality and Ethics

1) Purpose & scope

  • Purpose: Protect authors’ intellectual work, safeguard patient privacy, maintain reviewer anonymity, and preserve trust in peer review.
  • Scope: Applies to the Editor-in-Chief, Associate/Handling Editors, guest editors, and staff supporting editorial operations.
  • Coverage: All manuscript files, metadata, reviews, editorial notes, communications, audit trails, and whistleblower reports—regardless of storage medium.

This page complements Editor’s Guidelines, Editorial Responsibilities, Ethics for Editors, and Publication Ethics Policy. Where standards differ, apply the stricter rule to favor patient privacy and process integrity.

2) Key definitions

  • Confidential information: Any non-public information obtained through the editorial workflow, including manuscripts, data, images, author identities (in blinded models), reviewer identities, and internal deliberations.
  • Identifiable information: Patient- or participant-level details that can reasonably identify a person alone or in combination (e.g., photos, audio, dates, locations, rare conditions).
  • Minimum necessary principle: Access and share only what is needed for the editorial task at hand.
  • Privacy by design: Default to privacy-preserving settings and workflows throughout the process.

3) Baseline duties of confidentiality

Non-disclosure

  • Do not disclose or discuss manuscripts, reviews, author identities (if blinded), or internal deliberations outside the editorial workflow.
  • Refrain from sharing content with colleagues or trainees unless they are formally engaged in the review with appropriate safeguards.
  • Never post or quote confidential text/images on social media, blogs, or public forums.

Use restrictions

  • Do not use information gained through peer review for personal or professional advantage.
  • Avoid citing or acting on unpublished findings before publication without author permission.
  • Destroy local copies securely when no longer needed (see Retention & Deletion).

Common pitfalls

Forwarding files to personal email; storing manuscripts in shared folders with default public links; discussing submissions in hallway conversations; copying reviewer comments into unsecured documents.

4) Handling identifiable and sensitive data

Some submissions include potentially identifiable content (e.g., clinical images, audio/video, detailed case timelines). Editors must minimize exposure and confirm that authors have rights and consent for publication.

Acceptance criteria to check

  • Authors state explicit informed consent for publication when images/audio are identifiable.
  • De-identification is adequate; small-cell risks are addressed for rare conditions/geographies.
  • IRB/IEC approval or waiver is present where required and aligns with the study design.

Editorial safeguards

  • Do not circulate identifiable files beyond those who strictly need them.
  • Mask/redact identifiers in any excerpts used for internal consultations.
  • Request redacted versions when identity is not essential to review.

If consent is unclear or inadequate, place the manuscript on hold and request appropriate documentation or de-identification before proceeding.

5) Reviewer anonymity and protections

  • Respect the journal’s review model. When blinded, do not reveal reviewer identities to authors without explicit permission.
  • Sanitize editor-to-author communications to remove telltale reviewer details (e.g., affiliations, file metadata).
  • Store reviewer identities in confidential records with restricted access; do not send lists over unsecured channels.
  • Protect reviewers against retaliation; promptly address attempts to identify, pressure, or influence reviewers.

If anonymity is compromised

  1. Document the incident in the audit trail (who, when, how).
  2. Inform the reviewer and offer options (continue, withdraw, or switch to signed review if both sides agree).
  3. Consider adding an independent review and adjust editorial weight accordingly.

6) Author confidentiality and blinding

  • When the journal uses blinding, ensure that author identities and affiliations are removed from the manuscript and file metadata before sending to reviewers.
  • Check figures and supplementary files for inadvertent identifiers (e.g., hospital logos, file properties).
  • Do not reveal author identities to reviewers beyond what the review model allows; if a reviewer insists on knowing, consider alternate reviewers.
  • Handle author-suggested reviewers with caution; verify independence and conflicts.

7) Secure communications & records

Channels

  • Prefer the journal’s submission platform messaging for official communications.
  • If email is used, verify recipients, avoid forwarding chains, and remove attachments once uploaded to the platform.
  • Do not share platform credentials; enable multi-factor authentication where available.

Documents & audit trail

  • Keep decision letters, reviewer assignments, and conflict declarations in the manuscript’s secure record.
  • Label sensitive attachments clearly (e.g., “confidential—identifiable image, do not forward”).
  • Use versioned filenames; avoid storing copies on unmanaged devices.

Minimum necessary principle

Share only the information required for a task. For instance, a statistical consult may need de-identified data and the Methods section but not reviewer identities.

8) Approved tools & AI safeguards

  • No upload of confidential text/images to external AI tools that retain or train on user data.
  • Privacy-preserving, access-controlled tools may be used for logistics (e.g., tracking deadlines) or integrity screening (similarity/image forensics). Record tool name and settings in the audit trail.
  • Editors remain responsible for interpreting tool outputs; never outsource judgment to an algorithm.
  • When in doubt, consult the Editor-in-Chief before using any new tool in the editorial workflow.

9) Conflicts, recusals & access control

Confidential handling is inseparable from conflict management. Editors must declare conflicts early and restrict access appropriately.

Recusal triggers

  • Recent co-authorship, same department, mentorship/supervision, close personal relationship.
  • Financial ties (employment, consultancy, equity) related to the manuscript’s topic.
  • Strong public positions or leadership roles that could reasonably be perceived to bias judgment.

Access control

  • Once recused, do not view or handle the manuscript record.
  • Transfer promptly to an unconflicted editor; document the recusal reason.
  • Avoid proposing reviewers after recusal unless explicitly requested by the EiC with safeguards.

10) Data retention & deletion

  • Retain editorial records (decisions, assignments, conflicts, audit logs) according to journal policy and applicable law.
  • Do not keep local copies beyond their legitimate editorial use. Delete or securely shred notes once captured in the audit trail.
  • When migrating platforms, ensure secure transfer of records and access logs; verify data integrity post-migration.
Record Retention concept Notes
Decision letters & assignments Long-lived Supports appeals, ethics inquiries, and indexing updates.
Reviewer identities (confidential) Long-lived (restricted) Access-limited to EiC and designated staff; never shared externally.
Local working copies Short-lived Delete after upload and verification; avoid unmanaged devices.

11) Breaches & incident response

Despite precautions, incidents can occur. Rapid, transparent, and proportionate response protects participants and preserves trust.

Incident response playbook

  1. Contain: Revoke inappropriate access; request deletion of misdirected files; halt further sharing.
  2. Assess: Identify the data involved (e.g., identifiable patient images, reviewer identities), who accessed it, and potential harms.
  3. Notify: Inform the EiC and, where appropriate, affected parties (e.g., reviewer) with clear facts and proposed remedies.
  4. Remediate: Rotate reviewers if needed; request updated files; enhance controls (e.g., MFA, restricted folders).
  5. Record: Document the event, actions taken, and prevention steps in the confidential incident log.

Examples

  • Misdirected email exposes reviewer identity to an author.
  • Unredacted case image circulated during review without consent documentation.
  • Use of an external AI tool that stored manuscript text.

12) Whistleblower protection

  • Protect the identity of individuals who raise concerns in good faith whenever feasible.
  • Acknowledge reports promptly and avoid retaliatory language. Keep communications factual and neutral.
  • Encourage specific, verifiable details (e.g., figure labels, line numbers, dataset DOIs) to support fair investigation.

13) Training & calibration

Editor training topics

  • Confidentiality basics, blinding models, and secure file handling.
  • Identifiable data risks in case reports, qualitative research, and multimedia.
  • Integrity screening (similarity, image forensics) and proportionate responses.
  • De-escalation and respectful communications in sensitive cases.

Calibration & quality

  • Periodic audits of decision letters to remove inadvertent identity cues.
  • Review of incident logs to prevent repeats and refine safeguards.
  • Alignment sessions to harmonize expectations across editors and special issues.

14) Templates & checklists

Quick confidentiality checklist (before sending to review)

  • ✅ Manuscript is blinded; file metadata checked; figures/tables free of identifiers.
  • ✅ Ethics/consent statements are present and specific; consent for identifiable media documented.
  • ✅ Reviewer invitations exclude author identities if blinded; communications are neutral and minimal.
  • ✅ Only necessary files shared; sensitive items clearly labeled and access-limited.
  • ✅ Any tool used for checks is approved and documented in the audit trail.

Email snippets (excerpts)

Confidentiality reminder to reviewers:
“Thank you for agreeing to review MS-[ID]. Please keep the manuscript and your report confidential and do not share copies. If you need to consult a colleague for a specific point, email us first so we can arrange a controlled consult.”

Request for consent documentation:
“Before we proceed to external review, please upload the consent-to-publish form for the identifiable image in Figure 1, or alternatively provide a redacted version suitable for blinded review.”

Incident containment note:
“We received notice that an attachment may have been misdirected. Please permanently delete the file and confirm. We have revoked access and will follow up with next steps.”

15) Governance, updates & contact

  • Alignment: This page operates alongside Editor’s Guidelines, Editorial Responsibilities, Ethics for Editors, Publication Ethics Policy, and Reviewer Guidelines.
  • Updates: This policy is versioned. Editors are responsible for reviewing updates and adjusting practice.
  • Contact: For advice on confidentiality, conflicts, or breaches, contact the Editor-in-Chief via the editorial office. Include manuscript ID, brief facts, and any documents (e.g., consent proof) needed for rapid guidance.

16) Summary

Confidentiality is not merely a rule but a disciplined practice: disclose nothing beyond what is necessary, keep sensitive material secure, and act swiftly and transparently when issues arise. Following these standards protects patients, authors, and reviewers and preserves the credibility of the scholarly record at CJNCP.