Microdata and tabular data that have been restricted through statistical
disclosure limitation techniques may be unsuitable for detailed statistical
analyses. One way that agencies can satisfy researchers’ needs
for data access is to release data files under highly controlled conditions
or through restricted data access measures. Before releasing data
in an identifiable format, agencies must establish written policies
and procedures that address the regulatory requirements of 28 CFR
22. Researchers that intend to obtain access to the data must agree
to uphold these requirements and justify their methods for doing so.
Typically, the policies and procedures regarding restricted data access
provide information about:
- The Federal, state, and local laws that govern access.
- Criteria for accepting or rejecting data file requests.
- Procedures for researchers requesting personally identifiable information.
- Data security requirements.
Lending agencies must proceed with caution before releasing data files.
Most require researchers to demonstrate the need for personally identifiable
data and describe the goals of the research effort. Researchers must
also submit a data security plan that, if accepted by the lending institution,
becomes a legally binding agreement between the lending agency and the
researcher. Data security plans vary in the manner in which files are
protected and the procedures that best meet confidentiality protection
needs. The examples of restricted data access measures that follow are
typical procedures of successful data security plans.
RESTRICTED DATA ACCESS MEASURES
- Password protection on all data files.
- Log-on procedures with security access shut-down function.
- Approved individuals to security access levels.
- External access to any modems connected to the system when processing.
- Safeguards for data files in all networked environments.
- Security measures for all lender-approved backup copies of the data; restrict the number of copies of data files.
- Monitor computers on which data are stored and analyzed.
- A warning screen should appear on the computer before access to confidential data files is permitted. Users should be prompted to select whether
- Store data files in strongly encrypted format; the encryption and decryption algorithm must be secured.
- Removable storage devices (e.g. diskettes, zip drive discs, CDs).
- Storage devices in a locked environment.
- Printouts from data analysis in a locked environment; minimal allowance of data printouts.
- Data storage on networks (e.g. LANs); utilize a dedicated computer in a secured environment.
- Transmittal of data, analysis, or data output through e-mail, e-mail attachments, or FTP over the Internet, an intranet system or a LAN
- Policies and procedures that authorize individuals to send and receive
- Electronic authentication programs; electronically log the transfer of personally identifiable data in a security audit trail to monitor data releases by and to authorized individuals.
Researchers utilizing secondary data sets containing personally identifiable information
do not have ownership of the data. The recipients of data files are
essentially borrowing the information. Lending agencies have legal authority
to impose on borrowers what and how data may be used and exchanged and
the strategies for protecting the confidentiality of this information.
for Releasing and Using Personally Identifiable Information
Agencies that release youth data files and researchers who utilize them are subject to all
of the regulatory requirements of 28 CFR 22 that govern the use and
release of research and statistical information. Both groups must
make every reasonable effort to ensure the security and confidentiality
of personally identifiable youth information. Agencies that release
data files must have in place a set of policies, guidelines, and procedures
that define the recipients’ responsibilities for data security
both during and after the research activities, and each request should
be handled on a case-by-case basis.
Researchers must consent to utilizing these data for research and statistical purposes
only. Appropriate use of these data by the research community is to
analyze trends, groups, or categories of youth cases. Researchers
are not permitted to utilize data files for investigations of specific
Comprehensive guidelines and implementation procedures that protect the confidentiality
of identifiable youth information are explained in 28 CFR Part 22
and are available online at http://www.ojjdp.gov/funding/confidentiality.pdf.
The major components mandated by the regulations are the submission
of a Privacy Certificate and the implementation of an Information