- Overview
- Statistical Standards
- Annual CIPSEA Report
- Style Guides
- NCES Handbook of Survey Methods
- Review and Adjudication
- Confidentiality Procedures
- Restricted Use Data Licenses
- Getting Started
- Applying for a Restricted-use Data License
- Applying for a Memorandum of Understanding
- Formal Request
- Getting Access to an Existing License or a Submitted Application
- Annual Licensee Training
- Responsibilities as an IES Restricted-use Data Licensee
- Submitting a License Amendment
- Restricted-Use Data Procedures Manual
- IES Data Security Office Mailing Address
- Accessing and Using Restricted-Use Data FAQ
- Licensing Procedures FAQ
- Research Projects
Contact
Introduction
Chapter Contents
- Restricted-Use Data
- Public-Use Data
- Overview of Laws
- Licensing Procedures
- Security Procedures
- On-Site Inspections
Restricted-Use Data
The Institute of Education Sciences (IES) collects survey and research data containing individually identifiable information, which is confidential and protected by federal law.
IES uses the term "restricted-use data" for such information. The terms "restricted-use data" and "subject data" are synonymous. (See Appendix A, Definition of Terms.)
Public-Use Data
IES uses the term "public-use data" for survey data when the individually identifiable information has been coded or deleted to protect the confidentiality of survey respondents. Access to public-use data does not require a license, for these data are available to the general public. For more information on public-use data, see NCES online catalog at http://nces.ed.gov/pubsearch/.
Overview of Laws
The relevant laws about survey data that contain individually identifiable information are found in the following statutes. More information on these laws is in Chapter 1:
- The Privacy Act of 1974 and the Computer Security Act of 1987 provide for the security and privacy of personal data maintained by the federal government. These laws pertain to all restricted-use data. Unlawful disclosure is a misdemeanor and is subject to a fine up to $5,000.
- The Foundations for Evidence-Based Policymaking , Act of 2018 Title III, Part B, Confidential Information Protection mandates the protection of individually identifiable information that is collected by any federal agency for statistical purposes Unauthorized disclosure of these data is a class E felony punishable by up to five years in prison, and/or a fine up to $250,000.
- The USA Patriot Act of 2001 amended the National Education Statistics Act of 1994 (NESA 1994) by permitting the Attorney General to petition a judge for an ex parte order requiring the Secretary of the Department of Education to provide NCES data that are identified as relevant to an authorized investigation or prosecution of an offense concerning national or international terrorism to the Attorney General.
- The Education Sciences Reform Act of 2002 (ESRA 2002) incorporated the confidentiality provisions from NESA , as amended, while expanding the coverage from NCES to IES. ESRA requires IES to collect, analyze, and disseminate education data and to protect the confidentiality of individually identifiable information. An unauthorized disclosure is a class E felony, punishable by up to five years in prison, and/or a fine up to $250,000.
Licensing Procedures
IES will lend restricted-use data only to qualified organizations in the United States, using a strict licensing process described in Chapter 2. Individual researchers must apply through an organization (e.g., a university or a research institution). To qualify, an organization must submit:
- An online Formal Request through the NCES electronic application system,
- a signed License document,
- executed Affidavits of Nondisclosure, and
- a signed Security Plan Form.
Security Procedures
Restricted-use data must be kept secure at all times. "Secure" means that the data are protected from unauthorized access or disclosure in accordance with the terms of the License and the specified security procedures outlined in the Security Plan Form. The security procedures described in Chapter 3 include the computer security requirements for the standalone, desktop computer configuration.
On-Site Inspections
Under the terms of the License, IES has the right to conduct unannounced, unscheduled inspections of the data user's site to assess compliance with the terms of the License and the required security procedures. The inspection procedures are described in Chapter 4.
 |
 |