If they're taking patient data for research without permission, they are not ethical researchers.
Is it really “without permission” if it’s from a server for which the access credentials have been deliberately published to the entire internet?
If it's without the patient's permission, then yes, it is without the only permission that matters for medical ethics.
Is it really “without permission” if it’s from a server for which the access credentials have been deliberately published to the entire internet?
If it's without the patient's permission, then yes, it is without the only permission that matters for medical ethics.