Skip Navigation
Statistical Standards Program

Chapter 4: On-Site Inspections

The License authorizes representatives of IES to make unannounced and unscheduled inspections of the licensee's facilities, including any associated computer center, to evaluate compliance with the terms of the License and security procedures.

Chapter Contents

4.1 On-Site Inspection Procedures

Under the provisions of the License, IES may conduct unannounced and unscheduled inspections of the License site to assess compliance with the terms of the License.

Specifically, an IES-authorized security inspector will visit the licensee's facilities to evaluate compliance in the following two areas, which are explained in detail in this section:

  • Operational Procedures
  • Security Procedures and Security Plan

Appendix K contains the On-Site Inspection Guideline.

License Procedures

The IES inspector will review the project operations with the PPO, or the Senior Official, at the licensee's facility. This review will focus on the agreements set forth in the actual License (or Memorandum of Understanding).

This includes an inspection of the current status of the project:

  • Record of License. The IES inspector will review the licensee's file for a copy of the License, along with copies of all of the Affidavits of Nondisclosure, training certificates, and a list of persons authorized to access the data.
  • Affidavits of Nondisclosure. The IES inspector will review the names and status of all project personnel. All project personnel must have an executed Affidavit of Nondisclosure on file with IES. This review is to confirm that IES has the most current information on file for those individuals who have the authority to access the subject data.
  • The Project Staff. The IES inspector will determine whether a copy of the License and a copy of the Security Plan Form have been reviewed by all members of the project staff. This is to ensure that all members of the project team are aware of the procedures required for accessing and securing restricted-use data.

Security Procedures and Security Plan Form

The IES inspector will review with the licensee all aspects of the licensee's security procedures for the restricted data. These procedures are documented in the Security Procedures.

The IES inspector will also review the licensee's submitted Security Plan Form, which is the on-site implementation document for the security procedures.

The IES inspector will review these procedures for compliance. A basic outline of these procedures, in the On-Site Inspection Guideline, is presented in the next section below.


4.2 On-Site Inspection Guideline

The On-Site Inspection Guideline in Appendix K presents a standard set of questions that will be asked by the IES inspector when performing an on-site inspection. Since this is a guide, more License-specific questions may be asked on a case-by-case basis.

The On-Site Inspection Guideline is provided here to ensure consistency among interviews and to ensure that all appropriate questions and topics are covered during the interview. A basic outline of the topics covered in the inspection guideline is:

The on-site inspection will also include a tour of the licensee's secure project office.


4.3 Violations, Penalties, and Prosecution


  • Statement of Warning. If IES finds the licensee to be in noncompliance in a manner that has not yet resulted in unauthorized disclosure, IES will send a Statement of Warning to the Senior Official within six weeks (30 working days) of the on-site inspection. (More serious violations may result in License revocation or criminal prosecution. See below.)

    The licensee has one month (20 working days) from receipt of the Statement of Warning to provide IES a letter detailing what procedures have been implemented to restore compliance.
  • Revocation of License. As stated in the License (Section IV, Penalties) any violation of the terms and conditions contained in the License may subject the licensee to immediate revocation of the License by IES. If violations are discovered, IES will notify the licensee, in writing, of the factual basis and grounds for revocation.

    The licensee has six weeks (30 working days) to submit a written argument and evidence to IES indicating why the License should not be revoked. The IES Data Security Program shall provide written notice of a decision to the licensee within nine weeks (45 working days) after receipt of the licensee's written argument. IES may extend this time period for good cause.

List of Most Common Violations

  • No three-minute shutdown when the computer is left on
  • Lack of warning statement when restricted-use data are brought up on the screen
  • Accessing restricted-use data from an off-site location
  • The PPO not maintaining control over the restricted-use data
  • The PPO neglecting to inform the IES Data Security Office of any project personnel changes
  • Neglecting to return restricted-use data to the IES Data Security Office
  • Neglecting to destroy all subsets of the data at the end of the project (the IES Data Security Office must be informed that this has taken place via completion of the License Close-Out Certification Form)
  • Restricted-use data leaving the licensed site
  • Making a copy of the restricted-use data and allowing it to leave the licensed site
  • Removing the warning label with the expiration date from the restricted-use data
  • Not labeling any copies or sub-sets of the data with the warning label
  • Not restricting access to the secure project office to License users only

Prosecution and Penalties

Alleged violations of the Privacy Act of 1974 or IES-specific laws are subject to prosecution by the United States Attorney after first making reasonable efforts to achieve compliance.

Any violation of this License may also be a violation of federal criminal law under the Privacy Act of 1974, 5 U.S.C. 552a, and may result in a misdemeanor and a penalty of up to $5,000.

Anyone violating the confidentiality provisions of Section 183 of the Education Sciences Reform Act of 2002 (P.L. 107-279), or making an unauthorized disclosure, when using the data shall be found guilty of a class E felony and can be imprisoned up to five years, and/or fined up to $250,000.

Penalties, fines and imprisonment, may be enforced for each occurrence of a specific violation.n