Independent Statistical Consulting Guidebook - Section4


As an independent/small consulting business, you are 100% responsible for everything your business does, including many non-statistical things.

4.1    Client Management

As an independent practice, you are responsible for 100% of the client communication and management!

  •  Client meetings: discovery, design/kickoff, project progress, delivery, etc.
  • Client communications
  • Reports and presentations

4.2    Ethics

As an independent consultant, you are 100% responsible for all ethical concerns that pertain to your business.

  •  There are different ethical concerns for internal consulting vs. external consulting.
  • There are different ethical concerns for academic consulting vs. industry consulting.
  • Conflicts of interest:
    • Financial, personal, etc.
    • Moonlighting and conflicts of interest with your employer (if consulting as a side job).
  • Confidentiality/non-disclosure in general.
  • Statistical ethics (ethical application of statistics) vs. professional ethics (ethical general conduct as a professional). See ASA Ethical Guidelines for Statistical Practice for the former; see, for example, Institute of Management Consultants Code of Ethics for the latter.
  • Institutional Review Board (IRB) or equivalent (see a good listing here). While you as a statistician may not be the Principal Investigator (PI), what do you do if you believe an IRB review is needed but the client rejects the idea?
  • Do you know all of your relevant guidelines (FDA, ICH, etc.)?

4.3    Data Security & Privacy

  • Data security, embargoes, privacy.
    • Even if you think you do not “collect” data, as an “organization,” you will be responsible for even seemingly trivial things like website cookies (cookies are considered personal information).
    • Existing regulations like GDPR (Europe) and CCPA (California) are good places to start, with more coming. Do not let the location of the regulating body fool you. (See next bullet.)
    • Many regulations are not only based on the location of your business, but also the location of the subjects/users and/or the physical location of the data.
    • Some considerations include HIPAA (health information), FERPA (education), PCI (credit cards), GDPR/CCPA/similar (general data protection and privacy).
    • Some information cannot physically leave the country of origin.
    • The specifics vary by:
      • Industry.
      • Country.
      • State.
      • Clients.
      • Other regulations.
    • IMPORTANT: Data Security  Data Privacy. Your data can be secure but not private; or private but not secure.
  • Backup and retention. Some clients require specific backup and retention requirements for data and documents. It is helpful to have your own policy that aligns with your client base. Some require the return or destruction of all related documents at the end of the project.
  • Encryption and network security. Some clients require specific setups. In general, it is advisable to adhere to generally acceptable industry practices. Your client may contractually require proof of some or all of these.
    • File encryption.
    • Disc encryption.
    • Encryption in flight.
    • Firewalls.
    • Intrusion detection if needed (your client may require).
    • Etc.

4.4    Productivity

  • Avoid starting from scratch: standardize your work as much as feasible, which will depend on the variety of your projects and clients.
    • Project templates
    • Packaged/standardized analyses
    • Modular/standardized scripts
    • Deliverable templates
  • Leverage free and low-cost tools to simplify, especially administrative tasks.
  • Consider value vs. cost: Is the cost of the tool more than your real or effective (i.e. empirical; especially if you charge by project) hourly rate?
  • Do not be afraid to consider hiring administrative help for the same reason. There are businesses that provide fractional/part-time admin help on an as-needed basis.

4.5    Professional Development

  • Stay on top of the relevant hot topics:
    • Readings.
    • Videos/audio/podcast/webinars/etc.
    • Workshops.
    • Conferences: JSM, etc.
    • Meetups.
    • ASA Community Forum, LinkedIn Groups.
    • Mailing lists (depends on what you need).
  • Budget time and money for training and professional development.
    • Include it in your overhead.
    • If specific to the project/required by the client, it may be billable (but not always; depends on the contractual agreement).
    • Be opportunistic about learning: what to learn, how to spend the learning time most effectively.
  • Networking to learn: professional associations and meetups.

<< Previous Main - TOC