Skip Navigation
Statistical Standards Program

Table of Contents






Restricted-Use Data
Public-Use Data
   Licensing Procedures
   Security Procedures
   On-Site Inspections


1.1 Basic Statutes
1.2 Privacy Act of 1974
   Privacy Standards
   Computer Security Guideline
1.3 E-Government Act of 2002, Title III, Federal Information Security Management Act (FISMA)
1.4 Education Sciences Reform Act of 2002
   Confidentiality Standards
1.5 USA Patriot Act of 2001
1.6 E-Government Act of 2002


2.1 What Data Are Licensed
   Only Restricted-Use Data Are Licensed
   Available Restricted-Use Databases
2.2 What is a License?
   Memorandum of Understanding
   Content of License Documents
2.3 Who Needs a License Document
   Matching Organizations to License Documents
   Restricted-Use Data and IES Staff
   Pre-test Monitoring
2.4 Applying for a License
   Summary of Procedures
   Formal Request
   License Document
   Affidavits of Nondisclosure
   Security Plan Form
   Receiving the Requested Materials
2.5 Required Licensee Activity
   Maintaining the License File
   Submitting Research Publications
   Passing On-Site Inspections
   Outside Requests for Data
2.6 Amending a License
   Add User Amendment
   Delete User Amendment
   Add Database Amendment
   Modify Security Plan Amendment
   Extend License Amendment
   Close-Out License Amendment
2.7 Applicant/Licensee Record


3.1 Introduction
   Basic Statutes
   IES Statutes
   Other Statutes
3.2 Risk Management
3.3 General Security Requirements
   Assign Security Responsibilities
   Complete Security Plan Form
   Restrict Access to Data
   Use Data at Licensed Site Only
   Respond to Outside Request for Subject Data
   Return Original Data to IES
3.4 Physical Handling, Storage, and Transportation
   Protect Machine-Readable Media and Printed
   Avoid Disclosure from Printed Material
   Restrict Copying of Data
   Limit Transporting of Data
3.5 Computer Security Requirements
   Standalone Desktop Computer Security Model
   Notification (Warning Screen)
   Read-only Access
   No Connections to Another Computer
   Lock Computer and/or Room
   Automatic Shutdown of Inactive Computer
   Do Not Backup Restricted-Use Data
   Staff Changes
   Overwrite Hard Disk Data
3.6 License User Training


4.1 On-Site Inspection Procedures
   License Procedures
   Security Procedures and Security Plan Form
4.2 On-Site Inspection Guideline
4.3    Violations, Penalties, and Prosecution
   List of Most Common Violations
   Prosecution and Penalties


Appendix A   Definition of Terms
Appendix B Public-Use Data (recent information is available on the NCES Online Catalog)
Appendix C Privacy Act of 1974
Appendix D Agency-Specific Laws
Appendix E Memorandum of Understanding
Appendix F License
Appendix G Affidavit of Nondisclosure
Appendix H Restricted-Use Databases (recent information is available on the NCES Online Catalog)
Appendix I Availability of Restricted-Use Data (recent information is available on the NCES Online Catalog)
Appendix J Restricted-use Data Security Plan Form
Appendix K On-Site Inspection Guideline
Appendix L E-Government Act of 2002
Appendix M Close-out Certification Form