Statistical Standards Program
Publications & Products|Staff

Table of Contents

PUBLICATION INFORMATION
 

CONTACTS
 

INTRODUCTION
Restricted-Use Data
Public-Use Data
Overview
   Laws
   Licensing Procedures
   Security Procedures
   On-Site Inspections
 


LAWS
1.1 Basic Statutes
1.2 Privacy Act of 1974
   Privacy Standards
   Computer Security Guideline
1.3 E-Government Act of 2002, Title III, Federal Information Security Management Act (FISMA)
1.4 Education Sciences Reform Act of 2002
   Confidentiality Standards
   Violations
1.5 USA Patriot Act of 2001
1.6 Foundations for Evidence-Based Policymaking Act of 2018, Title III, Part B, Confidential Information Protection
 


LICENSING PROCEDURES
2.1 What Data Are Licensed
   Only Restricted-Use Data Are Licensed
   Available Restricted-Use Databases
2.2 What is a License?
   Memorandum of Understanding
   License
   Contracts
   Content of License Documents
2.3 Who Needs a License Document
   Matching Organizations to License Documents
   Restricted-Use Data and IES Staff
   Pre-test Monitoring
   Contractors
2.4 Applying for a License
   Summary of Procedures
   Formal Request
   License Document
   Affidavits of Nondisclosure
   Security Plan Form
   Receiving the Requested Materials
2.5 Required Licensee Activity
   Maintaining the License File
   Submitting Research Publications
   Passing On-Site Inspections
   Outside Requests for Data
2.6 Amending a License
   Add User Amendment
   Delete User Amendment
   Add Database Amendment
   Modify Security Plan Amendment
   Extend License Amendment
   Close-Out License Amendment
2.7 Applicant/Licensee Record
 


SECURITY PROCEDURES
3.1 Introduction
   Basic Statutes
   IES Statutes
   Other Statutes
3.2 Risk Management
3.3 General Security Requirements
   Assign Security Responsibilities
   Complete Security Plan Form
   Restrict Access to Data
   Use Data at Licensed Site Only
   Respond to Outside Request for Subject Data
   Return Original Data to IES
3.4 Physical Handling, Storage, and Transportation
   Protect Machine-Readable Media and Printed
   Material
   Avoid Disclosure from Printed Material
   Restrict Copying of Data
   Limit Transporting of Data
3.5 Computer Security Requirements
   Standalone Desktop Computer Security Model
   Passwords
   Notification (Warning Screen)
   Read-only Access
   No Connections to Another Computer
   Lock Computer and/or Room
   Automatic Shutdown of Inactive Computer
   Do Not Backup Restricted-Use Data
   Staff Changes
   Overwrite Hard Disk Data
3.6 License User Training
 


ON-SITE INSPECTIONS
4.1 On-Site Inspection Procedures
   License Procedures
   Security Procedures and Security Plan Form
4.2 On-Site Inspection Guideline
4.3    Violations, Penalties, and Prosecution
   Violations
   List of Most Common Violations
   Prosecution and Penalties


APPENDICES
Appendix A   Definition of Terms
Appendix B Public-Use Data (recent information is available on the NCES Online Catalog)
Appendix C Privacy Act of 1974
Appendix D IES-Specific Law
Appendix E Memorandum of Understanding
Appendix F License
Appendix G Affidavit of Nondisclosure
Appendix H Restricted-Use Databases (recent information is available on the NCES Online Catalog)
Appendix I Availability of Restricted-Use Data (recent information is available on the NCES Online Catalog)
Appendix J Security Plan Form
Appendix K On-Site Inspection Guideline
Appendix L Foundations for Evidence-Based Policymaking Act of 2018, Title III, Part B, Confidential 55 Information Protection
Appendix M Close-out Certification Form