Data storage, backup and use
Sharing restricted-use data among licensed data users
Publication of products using restricted-use data
Statistical software, data, and computer questions
The Security Plan form must specify the exact location where the data will be secured. Please identify the specific locked office or room where the data and computer will be secured. Only persons listed on the License can have access to the locked project office.
You would need to submit a modified Security Plan amendment with IES and have it approved before a second secure office could be setup. However, if you plan on using the data at a second location that is not on the same floor in the same building as your original secure project office, you will need to apply for a second License.
The terms of the License only allow for seven professional/technical staff (users) on your License, including the PPO. If you would like to have more than seven users, you will need to apply for a second License for these additional users.
Yes. Restricted-use data, in any form, may not leave the secure project office or be moved off of the standalone (non-networked) desktop computer. All original CDs of the data must be kept under lock and key within the secure project office. The data must not be placed on a network server, laptop computer, external hard drive or USB thumb drive (memory stick).
No. Storing or using restricted-use data at your home is not allowed. Since your institution will be legally responsible for the data, the data must only reside within the secure project office at your institution as specified in your Security Plan form.
No. The data must be kept at a secure project office located within the business space of the university.
Can authorized users store the restricted-use data on a secure data server (SDS), if the SDS is kept in a locked secure server room with access limited to restricted-use data licensed staff, and is protected by a firewall to block all incoming ports except those used by researchers and technical administrators? Personal computers used to access the SDS would be password-protected and kept in rooms that are locked when not in use.
No. Restricted-use data may only reside on a standalone desktop computer. Standalone means a computer that is not connected to a network or modem.
I am currently capable of meeting all the security and storage requirements except a locking door to the project office (I do not have an office door that locks). I do have locking metal storage drawer-type cabinets in which I can store the data. Would this work?
No. The CD-ROMs with the original data have to be kept under lock and key but, this lockable cabinet must also be secured, along with the standalone desktop computer inside a room or office that is also lockable—the project office must have a lockable door.
The standalone computer housing the data must be in a locked office. IES prefers that this office be located in a building that is locked during non-business hours.
Currently, there are three sets of keys to the room with the standalone computer; one stays with the PPO, one with the department secretary and one with the custodian. The room is open only when I'm present. Is it all right for the department secretary and custodian to have keys or should the PPO be the only one with keys to the secure project office?
The only persons who may have access, or may possess a key, to the secure project office are those persons who have a signed and notarized affidavit on file with IES. If a secretary, custodian, or other individual holds a key, he/she 1) must be listed as an authorized user on the License, 2) must have an affidavit on file with IES, and 3) he/she takes responsibility for the security of the data and thus has legal liability.
We highly recommend that the fewest number of authorized users have actual access to the original data and computer within the secure project office. Some Licencees have an additional lock installed on the project office door and distribute keys only to authorized users on the License.
Campus security/police personnel who have a master key locked away for emergency purposes are exempt from this requirement and do not need to sign affidavits.
My secure project office is also my regular office. Can I have students or visitors in my office who are not listed on the License when the data is locked up and I am not doing any analysis on my computer?
Yes. Unauthorized individuals can enter the secure project office, but only when an authorized user on the License is present to ensure that they do not have access to any restricted-use data. You can also have cleaning crews or students in the secure project office as long as authorized users are there to supervise them.
The original data CDs and any hardcopy print outs having restricted-use data need to be locked up (when not in use) inside the locked project office.
Because the data will reside on an external hard-drive, there will be the temptation to transport the data off site. The License agreement prohibits any data leaving the authorized site (secure project office). IES does not allow restricted-use data to be kept on an external hard drive, laptop, USB thumb drive (memory stick), or network server.
The computer does not need to be read only, but the original data file does need to be set to read only. This means that the original data, once placed on the standalone computer, must be set to read only, which then precludes the original data from being modified.
IES interprets the requirement "read-only access will only be initiated for the original data" as the original data have to be set to read only once written to the standalone desktop computer.
Please do not make multiple back-ups of the data. You will always have the original data on CD under lock and key to use to restore analytic data files. Do back-up SAS or SPSS syntax files you create to make your analytic data files. If your computer crashes, you can use the original CD and syntax files to make the data file again.
Is it possible to make backup copies of data extrapolated from an IES restricted database? Do I need to label a CD-ROM with this information in the same way I would have to for a copy of the entire restricted database?
You may make a back-up copy of extrapolated data. You must label it as restricted-use data and keep it under lock and key. Any restricted-use data you have and any other databases you create using IES data are covered by the License and Security Plan requirements. They must be returned to IES with the original data when your License is closed-out.
"Individually identifiable" means any restricted-use data in any form. This includes statistical output, draft research papers, tables, and slide presentations that have not undergone a disclosure review and been cleared by IES.
Can I use restricted-use data in a class so that students can see what the data are like and get a feel for how to analyze them? I could create a data subset with only test scores and some basic information about the respondents.
No, this use is not allowed under the terms of the License agreement. Using the data in a classroom or creating subsets of the data for unauthorized users is a violation of the terms of the License.
Absolutely no restricted-use data may ever be used, viewed, or otherwise accessed by persons who are not authorized to have access to the data. These data can only be used and accessed by authorized users at the secure project office (on a standalone computer) indicated in the Security Plan. You must not transport the data to any other site (such as a classroom).
Data that IES releases for public-use have gone through a detailed disclosure risk evaluation. If there is a public-use version of the data, you should use that in your classroom demonstration. If there is not a public-use file, it is because IES has made a decision against supporting a public-use file for those data.
The PPO must email the IES Data Security Office with a list of encrypted files in order to obtain the needed passphrase(s).
A colleague and I are working on the same project using restricted-use databases. We work at two different licensed sites. Can we obtain your permission to email restricted use data back and forth between us?
Transmitting restricted-use data from your licensed site to some other location is a violation of the terms of your License. Sections 3.3 and 4.3 of the "Restricted-Use Data Procedures Manual" and section V.A.6. of the License document clearly state that restricted-use data must not leave the licensed site (secure project office).
You may not send password encrypted extracts to each other. No data or hard copy output from computer runs may be shipped between sites. For example, univariate frequency output may not be shared.
There is no restriction on sharing SAS or SPSS syntax (program) files between licensed researchers, as long as there is no actual restricted-use data in the files. Place the SAS/SPSS program file into a password protected zip file, and send the password in a separate email.
If this person is not an authorized user, he/she may not have access to any restricted-use data or documentation. Please assist your colleague by directing him/her to the questionnaires for the study or you could add this person to your License by submitting an add-user amendment.
IES requires me to round all unweighted sample size numbers and perform other disclosure avoidance steps when I am reporting results based on restricted-use data. What is the reasoning behind these requirements?
IES requires the rounding of unweighted sample size numbers because these numbers are not publicly available. If they are rounded, it makes it harder for "data snoopers" to use them along with other publications based on the same data to disclose sample respondents. For most surveys, rounding to the nearest 10 provides disclosure protection while giving the reader a sense of the "power" of the underlying sample.
For all datasets produced by IES or NCES, licensees are required to round all unweighted sample size numbers to the nearest ten (nearest 50 for ECLS-B) in all information products (i.e.: proposals, presentations, papers or other documents that are based on or use restricted-use data).
For all other datasets, including administrative datasets produced by other agencies within the Department of Education (e.g. EDFacts, CRDC, etc.), disclosure avoidance standards will vary. The required disclosure avoidance measures for these non-IES datasets will be listed in a readme.txt file included with that specific dataset.
You are required to submit all written reports, tables or presentations that are based on restricted-use data to IES for disclosure review before you share it with anyone who is not an authorized user on your License.
Research work such as draft documents and reports (including a thesis or dissertation) that use restricted-use data cannot be disseminated to anyone who is not an authorized user until IES reviews the work. Once IES reviews this work for potential disclosures and approves it, then the work can be shared with non-Licensed users. Thus, we recommend that you include all thesis or dissertation committee members as authorized users on the License.
If you send IES the document electronically, we will review and comment on it within 5 business days. IES will require changes if a disclosure risk is identified. Please factor in the necessary time for making these revisions and resending the revised paper to IES for final approval.
Please send the draft paper to IESData.Security@ed.gov as an email attachment (PDF, Word or PowerPoint).
You will have to use computer software to analyze the data. Restricted-use data are extracted from the CD-Rom onto your computer’s hard drive, and then read into statistical computer software such as SPSS, SAS, or STATA. The data do not come with tools (e.g., DAS) to make tables.
Please contact the program office responsible for the data with your questions about the survey data administration and other statistical and technical issues. On the NCES website, go to surveys, find the study you are analyzing, and then click on "staff" for contact information for that program.
School-level data is restricted, under current federal laws. The two ways to get NAEP data are 1) to access the NAEP Data Explorer for performance data on subgroups by nation, all subjects (reading, writing, mathematics and science only), and by state), or 2) apply for a restricted-use data License for NAEP data in order to run your own analysis.
IES no longer disseminates NSF restricted-use data. You will have to contact NSF.
Please contact IES staff for the data collection you are interested in for help in making such a determination. On the NCES website, go to surveys, find the study you are analyzing, and then click on "staff" for contact information for that program.
The License agreement contains a definition for "subject data" and carries this throughout the agreement, whereas the Security Plan uses the terminology "restricted data." Are the two terms used interchangeably?
"Individually identifiable information," "subject data," and "restricted data" all refer to the data that the applicant would be Licensed to use. These terms refer to the same thing and are interchangeable.
Licensees are not allowed to contact sample schools without prior permission from IES. If a Licensee contacts these schools/districts without first receiving IES permission, the Licensee would be in violation of the terms of the License.