Skip Navigation
Forum Guide to Protecting the Privacy of Student Information: State and Local Education Agencies

6.E. Release to Researchers

In some cases, researchers who are not employed by the agency or school may be authorized to conduct data processing or research and evaluation studies through contractual arrangements. If these efforts are initiated by and performed on behalf of the agency or school, researchers may be considered school officials who have a legitimate educational interest. These situations were discussed in section 4. However, researchers outside the agency or school often request individual information (which may or may not be personally identifiable) for their own research agendas. More often than not, the requested information includes more than one data item from the education records or student database. These requests should be handled on a case-by-case basis. The written agency or school policy should include criteria for considering such requests, such as:

  • perceived benefits of the research;
  • potential invasion of students’ privacy;
  • reputation of the requester; or
  • availability of staff to monitor the process of the release and the research activities.

The NCES Statistical Standards, last updated by the National Center for Education Statistics (NCES) in September 2002, includes a section on maintaining confidentiality during data processing. This section includes the standards and procedures to which NCES staff and contractors must adhere in order to protect the confidentiality of personally identifiable information. State and district officials may consider these standards in developing their own procedures and requirements. Exhibit 6–3 includes these standards.

In general, the release of data to researchers outside the agency should be considered as a loan of data (i.e., recipients do not have ownership of the data). Agencies or schools could request that these data be returned or copies destroyed when the researchers complete their work.

Before considering these data requests, agencies should establish written guidelines and procedures to allow the on-site access or off-site loan of personally identifiable data by appropriate individuals or organizations. Last updated in 2000, NCES published a manual called Restricted-Use Data Procedures Manual to ensure the implementation of proper procedures before releasing any of its data sets. The following items, adapted from this manual, could be included in an agency’s policies and procedures regarding the loan of data:

  • description of all federal and state laws and regulations governing access to the data and penalties for violation;
  • procedures to request access to or loan of data and name of the official designated to handle the request;
  • criteria for accepting or denying requests;
  • minimum expected security requirements;
  • allowance for unannounced, unscheduled inspections of the data user’s site;
  • agency review of publications to verify that disclosure procedures have been followed; and
  • other relevant requirements.

Organizations that intend to obtain access to personally identifiable data could be required to submit a formal written application on the organization’s letterhead that would include:

  • the type of data (with specific items listed) requested;
  • reasons for requesting the data;
  • a description of how the data will be used and analyzed;
  • a description of how analyses will be presented and reported;
  • names and titles of: 1) the official(s) with the authority to bind the requesting organization to the agreement, 2) the official(s) in charge of the day-to-day operations involving the use of the data, and 3) the professional and support staff who conduct the research and analysis, as well as those who may have access to the data;
  • the estimated amount of time the data are needed; and
  • the desired medium of release (e.g., paper or media format).

In addition, the organizations requesting access or loan of data should submit a security plan addressing all applicable security procedures. Those procedures may include:

  • Computer security—use and update passwords; implement logon procedures with automatic security data access shut-down function; assign access security levels; integrate warning statements; prevent external access to any modems connected to the system while processing data on a computer; and use additional procedures to safeguard the data in networked environments. If a one-time complete backup copy of the data will be needed, the applicant should also explain the security procedures surrounding the backup copy of the data, including those backup copies that are created automatically while downloading. NCES goes so far as to generally exclude networked environments when licensing external users. Refer to Weaving a Secure Web Around Education: A Guide to Technology Standards and Security (National Forum on Education Statistics 2003) for recommendations in this area.
  • Physical handling and storage of data—catalogue and storage with lock and key; minimal allowance and secured storage of printed copies; and additional restrictions on copying of data.
  • Transportation of data—ideally by a bonded courier and notice of confidentiality and restricted use, or in the case of electronic data transfer, proper built-in security safeguards.

Agencies must proceed with caution before releasing portions of databases containing individual education records since these can include personally identifiable information. Under most cases, the release of database information with personally identifiable information is limited by law. In these cases, if a request for individual records is approved, agency or school staff should extract only the data approved for release.

Before a data set is released across agencies or to researchers or research institutions, appropriate agreements must be signed to clearly state that, in the minimum:

  • all records will remain private;
  • conditions of release and re-release are well defined and limited; and
  • penalties for inappropriate records use or release of records are in place.

Individuals employed by the agencies who are authorized and who will have access to the individually identifiable information also could be required to sign an affidavit of nondisclosure. Exhibit 6–4 contains a sample form.

In most cases, information indicating that an education record has been released must be documented in the record and retained there until the education record is destroyed.