IUMS Journals — Consent

1 Overview

Consent and privacy are central to ethical medical publishing and patient trust.

Articles published in IUMS journals often draw on real clinical encounters, case histories, images, recordings and health data. Used responsibly, this knowledge can improve care and advance science; misused, it can expose individuals to harm, stigma or loss of privacy. This policy explains how IUMS journals expect authors, reviewers and editors to handle consent and confidentiality before, during and after publication.

The policy applies to all submissions that include information about identified or identifiable individuals, whether they are patients, research participants, relatives, clinicians or other persons. It sits alongside the broader policies on publishing ethics & research integrity, authorship & contributorship, peer review and generative AI & digital tools.

“Consent for publication” is different from consent to treatment or consent to take part in research. This distinction runs throughout the policy.

2 Key definitions

Clarifying how this policy uses core consent and privacy concepts.

Informed consent for publication is the process through which an individual (or their legally authorised representative) agrees that their personal or clinical information, including images or recordings, may be published in a scientific journal and related media, with an understanding of the benefits and risks of doing so.

Personal data refers to any information that relates to an identified or identifiable person. Names and ID numbers are obvious examples, but combinations of age, rare diagnoses, locations, dates or images can also make recognition possible.

Anonymisation means processing data so that individuals cannot reasonably be recognised by the journal, readers or other parties. Because many medical case narratives are highly specific, complete anonymity may not be feasible; this is why consent for publication is often required even when obvious identifiers have been removed.

Pseudonymisation refers to techniques where direct identifiers are replaced with codes or pseudonyms, but a “key” file still exists. This reduces risk but does not create fully anonymous data.

3 Informed consent for publication

When publication consent is needed and what it must cover.

3.1 When consent for publication is required

Authors must obtain consent for publication whenever a manuscript contains information that could reasonably allow an individual to recognise themselves or be recognised by others. This includes, for example:

case reports and case series, even if names and hospital numbers are removed;
clinical photographs, radiological images, videos or audio recordings of identifiable people;
genetic pedigrees or highly specific combinations of age, diagnosis, location and dates; and
quotes from clinical interviews or consultation notes that could realistically reveal identity.

A simple statement that “consent was obtained” is not enough. The consent process should ensure that the person understands:

what will be published (text, images, video, audio, supplementary material);
that publication may be online, long-lasting and accessible worldwide;
what steps will be taken to protect privacy and what limits exist; and
that once an article is published, complete withdrawal may not be technically possible (see section 3.3).

3.2 Documenting and retaining consent

Consent should normally be documented in writing or via a secure digital process. Journals may provide template forms, but institutions can also use locally approved formats if they clearly cover publication. The signed forms should be stored securely by the authors or their institution, not uploaded with the manuscript.

The manuscript must include a concise statement, usually under “Consent for publication” in the Ethics or Acknowledgments section, confirming that:

consent for publication was obtained from the individual(s) or authorised representative(s); and
copies of the signed consent forms will be made available to the editor on reasonable request.

For deceased individuals, authors should state that consent for publication was sought from the next of kin or other legally recognised decision-maker, where local law and practice require this.

3.3 Withdrawal of consent

What happens if a patient or representative changes their mind.

Patients and their representatives should have a meaningful opportunity to reconsider consent for publication while a manuscript is still in preparation or under review. If consent is withdrawn at this stage, authors must promptly inform the journal and, where necessary, withdraw the manuscript or remove the affected material.

Once an article has been formally published and distributed, complete removal is rarely feasible. Copies may have been downloaded, shared, translated or cited. This limitation should be explained clearly during the consent process.

If serious and unforeseen privacy concerns arise after publication, editors will consider proportionate steps such as:

removing or replacing specific images;
redacting particular details from online versions; or
attaching a notice that explains the change and why it was made.

In deciding what action to take, editors will balance respect for the individual’s privacy with the need to preserve the integrity of the scientific record.

4 Identifiable information, images & media

Practical steps for minimising identifiability risk in published content.

Authors should only include identifiable images or detailed narratives when they are essential to the scientific or educational value of the article. Any information that does not materially contribute to the message of the paper should be generalised, aggregated or omitted.

Simple visual masking (for example, black bars across the eyes) does not reliably protect identity and should not be used as the sole safeguard. Where images are necessary:

crop to remove non-essential background or context;
avoid including tattoos, jewellery, room numbers, dates or other distinctive markers unless necessary and consented;
state explicitly in the legend that consent for publication of the image has been obtained; and
retain the original, unedited image securely in case the editor requests it for verification.

For audio and video material, authors should consider whether voice distortion, blurring or other protective measures are needed. If recognition remains plausible, written consent for publication is required.

5 Data privacy & personal data rules

Handling personal data lawfully, securely and proportionately.

Authors are responsible for ensuring that collection, storage, analysis and sharing of personal data comply with applicable laws and institutional policies, including data-protection regulations in the countries where participants live and where data are processed. Core expectations include:

collecting only data that are necessary for the research question and analysis;
using coding or pseudonymisation wherever possible, with secure storage of any linkage files;
limiting access to identifiable data to authorised team members who have a legitimate need to know; and
storing data on secure systems with appropriate technical and organisational safeguards.

When authors share data with journals, repositories or other researchers, they must ensure that any shared datasets are appropriately de-identified and that data-sharing agreements reflect the consent and expectations of participants. If legal or ethical constraints prevent open sharing, this should be explained transparently in the manuscript.

5.1 Confidentiality in manuscripts, peer review & tools

Manuscripts submitted to IUMS journals, along with any accompanying images, datasets or supporting documents, are confidential. Editors, reviewers and journal staff must not use this material for purposes outside the editorial process and must take care not to increase identifiability or privacy risk.

In particular:

manuscripts and patient materials should not be shared with others without the editor’s permission and a legitimate editorial reason;
editors and reviewers must not attempt to identify patients from case reports or images, beyond what is necessary for scientific assessment; and
confidential content must not be uploaded to general-purpose external platforms, including public generative AI tools, summarisation services or cloud applications that could store or reuse the material.

Where IUMS or individual journals use in-house or contracted tools (for example, for plagiarism screening, statistical checks or image forensics), they do so under agreements designed to protect confidentiality and prevent further reuse of manuscripts or patient data. These tools support, but do not replace, human editorial judgment.

6 Case reports, small series & vulnerable groups

Extra care where identifiability and power imbalances are greatest.

Case reports and small case series often involve rare conditions, unusual presentations or distinctive social contexts. Even without names, patients and those close to them may recognise the description. Because of this, consent for publication is normally required unless the information has been truly anonymised and there is no realistic prospect of identification.

When publishing material about children, adolescents or adults who lack decision-making capacity:

consent should be obtained from a parent, guardian or other authorised representative, in line with local law; and
where feasible, the views and preferences of the individual themselves (assent) should be sought and respected.

Research and case reports relating to stigmatised conditions, marginalised communities or sensitive topics (for example, mental health, reproductive health, HIV, substance use, violence) require particular sensitivity. Authors should consider whether additional anonymisation, community engagement or contextual explanation is needed to minimise risk of harm or misinterpretation.

7 Authors, editors & journal responsibilities

Consent and privacy are shared responsibilities across the publication process.

7.1 Authors

Authors are expected to:

build consent and privacy considerations into study design and case selection from the outset;
obtain, document and safely store consent for publication where required, using forms that clearly mention journal publication and possible reuse;
describe anonymisation, data-handling and consent procedures clearly in the manuscript; and
notify the journal promptly if new information arises that may affect privacy or the validity of consent.

7.2 Editors & journals

Editors and journals are expected to:

screen submissions for appropriate consent and privacy statements and seek clarification where information is incomplete or inconsistent;
balance the educational and scientific value of material against privacy risks when making editorial decisions;
maintain secure editorial systems and limit access to manuscripts and patient-level material to those with a legitimate editorial role; and
apply this policy consistently and in coordination with other IUMS policies on ethics, misconduct and use of AI tools.

7.3 Peer reviewers

Reviewers should flag possible consent or privacy concerns to the editor, especially where:

identifiable images or details are present and no consent statements are provided;
anonymisation appears incomplete or inconsistent; or
the presentation could reasonably cause distress or harm to the individuals or communities described.

Reviewers must maintain confidentiality, follow the journal’s policy on AI tools and not attempt to contact or identify patients based on manuscript content.

8 Contact & reporting concerns

How to raise consent or privacy questions with IUMS journals.

Questions about this policy, or concerns that a published article or submitted manuscript may not adequately protect consent or privacy, can be raised via:

Research ethics & integrity office: journals@iums.ac.ir
Journal-specific contact: the editorial office email address listed on the home page of each IUMS journal.

Policy version: v1.1 – last updated April 2025. This page will be reviewed periodically and updated in line with changes in legal frameworks, professional guidance and community expectations.