Microdata and tabular data that have been restricted through statistical
disclosure limitation techniques may be unsuitable for detailed statistical
analyses. One way that agencies can satisfy researchers’ needs
for data access is to release data files under highly controlled conditions
or through restricted data access measures. Before releasing data
in an identifiable format, agencies must establish written policies
and procedures that address the regulatory requirements of 28 CFR
22. Researchers who intend to obtain access to the data must agree
to uphold these requirements and justify their methods for doing so.
Typically, the policies and procedures regarding restricted data access
provide information about:
- The Federal, state, and local laws that govern access.
- Criteria for accepting or rejecting data file requests.
- Procedures for researchers requesting personally identifiable information.
- Data security requirements.
Lending agencies must proceed with caution before releasing data files.
Most require researchers to demonstrate the need for personally identifiable
data and describe the goals of the research effort. Researchers must
also submit a data security plan that, if accepted by the lending institution,
becomes a legally binding agreement between the lending agency and the
researcher. Data security plans vary in the manner in which files are
protected and the procedures that best meet confidentiality protection
needs. The examples of restricted data access measures that follow are
typical procedures of successful data security plans.
RESTRICTED DATA ACCESS MEASURES
Computer Security
- Maintain password protection on all data files.
- Implement log-on procedures with a security access shut-down function.
- Assign approved individuals to security access levels.
- Prohibit external access to any modems connected to the system when processing confidential data.
- Implement safeguards for data files in all networked environments.
- Develop security measures for all lender-approved backup copies of the data; restrict the number of copies of data files.
- Limit and monitor the computers on which data are stored and analyzed.
- Display a warning screen before access to confidential data files is permitted; users should be prompted to select whether to proceed.
Data Storage
- Store data files in a strongly encrypted format; the encryption and decryption algorithm must be secured.
- Utilize removable storage devices (e.g., diskettes, zip drive discs, CDs).
- Deposit storage devices in a locked environment.
- Store printouts from data analysis in a locked environment; allow only minimal data printouts.
- Prohibit data storage on networks (e.g., LANs); utilize a dedicated computer in a secured environment.
Data Transporting
- Prohibit transmittal of data, analysis, or data output through e-mail, e-mail attachments, or FTP over the Internet, an intranet system, or a LAN system.
- Establish policies and procedures that authorize individuals to send and receive data files.
- Utilize electronic authentication programs; electronically log the transfer of personally identifiable data in a security audit trail to monitor data releases by and to authorized individuals.
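The last two transporting measures, authorizing named individuals and logging each transfer of identifiable data in a security audit trail, as an added example that is not from the original page or any agency's system. The user names and the audit key are constructed placeholders; the key is assumed to be held by the lending agency's security officer rather than by the users whose transfers are logged.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed placeholders: individuals approved to send and to receive files.
AUTHORIZED_SENDERS = {"agency_analyst"}
AUTHORIZED_RECIPIENTS = {"approved_researcher"}

# Chains the audit entries; assumed held by the security officer, not users.
AUDIT_KEY = b"placeholder-key-held-by-security-officer"


def record_transfer(trail, sender, recipient, filename, file_bytes, when=None):
    """Authorize a transfer and append a tamper-evident entry to the trail.
    Each entry carries the SHA-256 of the file and an HMAC over the entry plus
    the previous entry's HMAC, so altering or deleting an earlier entry is
    detected by verify_trail().
    """
    if sender not in AUTHORIZED_SENDERS:
        raise PermissionError(f"{sender} is not authorized to send data files")
    if recipient not in AUTHORIZED_RECIPIENTS:
        raise PermissionError(f"{recipient} is not authorized to receive data files")
    entry = {
        "timestamp": when or datetime.now(timezone.utc).isoformat(),
        "sender": sender,
        "recipient": recipient,
        "file": filename,
        "sha256": hashlib.sha256(file_bytes).hexdigest(),
        "prev_mac": trail[-1]["mac"] if trail else "",
    }
    entry["mac"] = _mac(entry)
    trail.append(entry)
    return entry


def _mac(entry):
    # HMAC over every field except "mac", serialized with keys in fixed order.
    body = {k: v for k, v in entry.items() if k != "mac"}
    return hmac.new(AUDIT_KEY, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()


def verify_trail(trail):
    """Return True only if every entry's MAC and link to its predecessor hold."""
    prev = ""
    for entry in trail:
        if entry["prev_mac"] != prev or not hmac.compare_digest(_mac(entry), entry["mac"]):
            return False
        prev = entry["mac"]
    return True
```

The trail should be stored and verified by someone other than the sender and recipient, since whoever holds AUDIT_KEY can rewrite it.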
Researchers utilizing secondary data sets containing personally identifiable information
do not have ownership of the data. The recipients of data files are
essentially borrowing the information. Lending agencies have the legal authority
to dictate to borrowers what data may be used, how the data may be used and exchanged, and
the strategies for protecting the confidentiality of this information.
Requirements for Releasing and Using Personally Identifiable Information
Agencies that release youth data files and researchers who utilize them are subject to all
of the regulatory requirements of 28 CFR 22 that govern the use and
release of research and statistical information. Both groups must
make every reasonable effort to ensure the security and confidentiality
of personally identifiable youth information. Agencies that release
data files must have in place a set of policies, guidelines, and procedures
that define the recipients’ responsibilities for data security
both during and after the research activities, and each request should
be handled on a case-by-case basis.
Researchers must consent to utilizing these data for research and statistical purposes
only. Appropriate use of these data by the research community is to
analyze trends, groups, or categories of youth cases. Researchers
are not permitted to utilize data files for investigations of specific
youth.
Comprehensive guidelines and implementation procedures that protect the confidentiality
of identifiable youth information are explained in 28 CFR Part 22
and are available online at http://www.ojp.usdoj.gov/nij/humansubjects/hs_10.html.
The major components mandated by the regulations are the submission
of a Privacy Certificate and the implementation of an Information
Transfer Agreement.