Skip Navigation
small header image
U.S. Department of Education
Institute of Education Sciences
NCES Kids' Zone
  
Statistical Standards Program
Publications & Products|Staff

Chapter 2: Licensing Procedures

Chapter Contents

2.1 What Data Are Licensed

Only Restricted-Use Data Are Licensed

When IES conducts surveys, the data collected sometimes include individually identifiable information, which is confidential and protected by law. 1

Restricted-use data is the term for survey data that contain individually identifiable information. Only restricted-use data are licensed. (Note: Public-use data are not licensed.)

The restricted-use data provided to the Licensee and all information derived from those data, and all data resulting from merges, matches, or other uses of the data provided by IES with other data are subject to the license and are referred to in the license as "subject data."

Individually identifiable information includes, but is not limited to, personal data in the following categories:

  • education,
  • financial,
  • medical,
  • employment,
  • criminal, or
  • personal identifiers (e.g., name, number, symbol), and
  • other identifying particulars assigned to the individual (e.g., fingerprint, voiceprint, photograph).

Available Restricted-Use Databases

The restricted-use databases that are available to organizations in the United States through these licensing procedures are listed at: NCES online catalogue.

Top

2.2 What is a License?

Three similar license documents are used to lend restricted-use data: Memorandum of Understanding, License, and Contract. All three are referred to as licenses and, when signed, are equally binding on the Licensees.

Memorandum of Understanding

The Memorandum of Understanding is used to provide data to Federal agencies or offices, external to IES. A copy of the memorandum is in Appendix E.

License

The License is used to provide data to non-Federal agencies or offices, including organizations working on analysis contracts with IES. Appendix F contains a copy of the license.

Contracts

When IES has a contract involving the collection of restricted-use data, the contract "boiler plate" includes the provisions of the license.

Content of License Documents

In brief, each of the three license documents:

  • defines the information subject to this agreement,
  • specifies the individuals who may have access to subject data (PPO and professional/technical and support staff),
  • describes limitations of disclosure,
  • lists administrative requirements,
  • requires publications based on the data be sent to IES,
  • requires the organization to contact IES in case of (suspected) breaches of security,
  • requires the organization to agree to unannounced and unscheduled inspections,
  • reviews the security requirements for the maintenance of, and access to, subject data, and
  • describes penalties for violations.

Top

2.3 Who Needs a License Document

Virtually every organization needs a license document to authorize individual access to restricted-use data.

The type of organization determines the specific license document.

Matching Organizations to License Documents

Type of Organization License Document
Congress Memorandum of Understanding
Federal Agencies 1 Memorandum of Understanding
   IES Staff 2 Oath of office replaces Memorandum; staff must sign the Data Security Program log book when obtaining the data.
Non-Federal Agencies/Groups/Organizations License
   State and Local Agencies License
   Research Laboratories License
   Data Collection Contractor
   (to IES)		 License "Boiler Plate" in Contract
   Contractor (to IES Contractor) License "Boiler Plate" in Contract
   Survey Pre-Tests License "Boiler Plate" in Contract
   Analysis Contractor License
1 This includes other components of the Department of Education.
2 See Restricted-Use Data and IES Staff.

Restricted-Use Data and IES Staff

IES staff are subject to all of the obligations and restrictions protecting restricted-use data. Further, IES staff are not authorized to issue restricted-use data files.

  • Any inhouse staff needing access to restricted-use data must request and obtain clearance through the Data Security Program.
  • Staff must sign the Data Security Program's log book when obtaining the data.
  • Staff who have restricted-use data must keep it under lock and key. These data may not be stored on a computer and the data files cannot be left open when not in use. (See chapter 3, Security Procedures, for full details.)
  • The data may not be removed from the office area without clearance from the Data Security Program.
  • These restricted-use data must be returned to the Data Security Program prior to the departure of an employee or Fellow from IES. IES staff should refer all requests for licensing documents, affidavits, or restricted-use data to the Data Security Program. These requests are not handled by program staff.

Pre-test Monitoring

Staff perform pre-tests to review the data collection process and to test the validity of the survey instrument. Because actual sample data are acquired to test the proposed survey design, the responses collected in this pre-test sampling may contain individually identifiable information and thus may be subject to restricted-use data security procedures.

The IES Contracting Office Technical Representative (COTR), who is responsible for conducting these pre-tests, must submit a written description of what is involved in the survey design review to the Data Security Program. The COTR must also obtain an executed Affidavit of Nondisclosure from all persons outside the IES who will review the survey design and will have access to these sampling data. COTRs will forward all original Affidavits of Nondisclosure to the Data Security Program.

Contractors

An organization or individual performing work under contract must complete the licensing process unless the collection of restricted-use data is required to fulfill the terms of the contract. The conditions spelled out in the license are incorporated in the "boiler plate" of the contract.

  • Sub-Contractors (to Contractors) are bound by the terms in the contractual agreement of the contractor.
  • Those terms include the provision that data cannot leave the licensed site. Sub-contractors needing to use data at a remote site must get their own licenses.

A contractor who proposes to do independent research using the restricted-use data obtained to perform work for IES must submit a formal, written request. (See section 2.4.) If the purpose of the independent research is different from the purpose for using the data stated in the contract, the contractor must follow the standard application process for obtaining a license.

Top

2.4 Applying for a License

These are the current standard licensing procedures for the authorization of external use of restricted-use data.

Summary of Procedures

To qualify for and receive restricted-use data, applicants must submit all four types of documents:

Applicants are to prepare, complete and return the signed License, notarized Affidavits, and the Security Plan Form.

Mail all correspondence, signed by the Principal Project Officer (PPO) and not by a staffer, to the IES Data Security Program.

The IES Data Security Program staff will review the submitted documents for content and completeness.

The original license document is only submitted for final IES approval when all required information has been received and the license application is complete.

IES may request additional information regarding the proposed use of the data, the resources available to the researcher to perform the analysis, or other aspects of the projects which are deemed necessary.

The decision to grant a license is solely that of the Director. The authority granted in the license becomes effective on the date of the Director's signature.

Formal Request

The Formal Request will ask for specific items of information. Your information will be collected through IES's electronic application system.

Formal Request Checklist T
(1) The title of the database(s) the organization wants to access;      
(2) A description of the statistical research project necessitating access
     to the restricted-use database;		  
(2) The name and title of the Senior Official;  
(4) The name and title of the Principal Project Officer(s);  
(5) The name and title of the System Security Officer;  
(6) The names and titles of the professional/technical and support staff; and  
(7) The estimated loan period (not to exceed five years).  

The Formal Request requirements are described in more detail below.

(1) The title of the database(s) the organization wants to access.

(2) A description of the statistical research project that necessitates accessing the survey database. The description must fulfill the following conditions:

  • explain why the public-use version of the data is insufficient for your research needs;
  • describe the final research objective, or use, of the data;
  • describe the sector(s) of the community that will be served by the product; and
  • assure IES that the data will not be used for any administrative or regulatory purpose in addition to, or instead of, the statistical purpose described.

Note: The purpose of the research for which the data are requested must accord with the purpose for which the survey data were collected. Descriptions of those purposes are in appendix H: NCES.

If an applicant requests access to subject data that are currently under an IES Contract/Task Order with the applicant, the applicant must provide:

  • the contract number, and
  • the name of the Contracting Office Technical Representative (COTR).

(3) The name and title of the Senior Official having the authority to bind the organization to the provisions of the license.

(4) The name and title of the Principal Project Officer(s) who will oversee the daily operations. To qualify for and receive a restricted-use data License and the restricted-use data, academic applicants must have the rank of post-doctoral fellow or above to serve as the Principal Project Officer (PPO). Visiting professors or scholars cannot be a PPO. Applicants in research laboratories or analytic consulting firms must have the rank of research associate or above to serve in this role. (The PPO is the researcher in charge of the day-to-day operations involving the use of subject data and is responsible for liaison with the IES Data Security Program.)

(5) The name and title of the Systems Security Officer(s) who will oversee the security of the data.

(6) The names and titles of the professional/technical and support staff who will be accessing the survey database. Generally, the staff is limited to a maximum of seven (7) persons. Exceptions to this limit may be authorized by the IES Data Security Program. Written documentation authorizing the exception must be obtained from IES. (Requests for data or amendments to an existing license will only be accepted from the PPO.)

(7) The estimated loan period necessary for accessing the survey database. Loan periods are in one-year increments and may not exceed a five-year period. The loan period starts on the date that IES signs the license document.

License Document

An executed License Document is a legally binding agreement.

License Document Checklist T
Review the appropriate license document.      
Insert the name of the Agency or organization to be licensed in the appropriate blank(s).  
The Senior Official (or appropriate government official) signs the license.  
The Principal Project Officer signs the license.  
Send the original signed license to the IES Data Security Program.  

Affidavit of Nondisclosure

An Affidavit of Nondisclosure must be executed for each person who may have data access.


Affidavit of Nondisclosure Checklist T
Obtain a notarized Affidavit of Nondisclosure from each employee and sub-contractor staff who may come in contact with the subject data.      
Fill in all requested information on the Affidavit.  
Send the original signed and notorized Affidavits of Nondisclosure to the IES Data Security Program.  

Appendix G contains a copy of the Affidavit of Nondisclosure form.

In general, an individual who is not an IES employee and who wants access to licensed individually identifiable information must execute an Affidavit of Nondisclosure and submit it, through a licensed organization, to the IES Data Security Program. IES allows up to seven (7) individuals per project to access the subject data. (IES may require that the supervisor of the applicant organization's computer facilities be one of those seven.)

The one-page Affidavit contains:

  • the name of the survey(s) to be accessed (see below),
  • an oath or affirmation not to disclose individually identifiable information to any person not similarly sworn,
  • the penalties for disclosure, and
  • the signature and imprint of a notary public.

Affidavits are "survey-specific": they are only valid for the survey(s) listed on the form. Include all surveys and all subsequent followups that will be needed; for example, "the base year survey and all subsequent followups."

Notarized documents cannot be amended by IES. To access a followup of a listed survey or to access a survey that was not listed on the notorized affidavit, another affidavit must be executed.

Organizations must promptly notify IES of any changes in project staff. (See section 2.6, Amending a License.)

Security Plan Form

The Security Plan Form contains the detailed procedures for protecting the subject data.

Security Plan Form Checklist T
Review chapter 3, Security Procedures.      
Fill out the Security Plan Form found in Appendix J.  
Send the original signed Security Plan Form to the IES Data Security Program.  

Restricted-use data must be kept SAFE at all times. SAFE means that the individually identifiable information is secure from unauthorized disclosure or modification. Security procedures are explained in detail in chapter 3; the Security Plan Form can be found in appendix J. Federal agencies do not need to submit the Security Plan Form. Federal agencies must adhere to the security requirements set forth in the MOU.

Receiving the Requested Materials

Final Product Package Contents T
The new Licensee receives the final product package, including      
  • a copy of the original license,
  
 
  • database media materials and instructional materials to assist the project staff in the use of the data:

    Materials accompanying data files include
    (1) Warning/Restriction Labels (attached to all enclosures)
    (2) Loan Expiration Date (attached to all enclosures)

  

The package is sent Restricted Delivery - Certified Mail to the Licensee.

Note: Only one copy of a database in any format can be borrowed at a time. A Licensee who has a copy of the database and wants a revised version must return the original via certified mail before the revised version will be sent. (See section 2.6, Amending a License.)

UNDER NO CIRCUMSTANCES MAY THE ORIGINAL OR A DUPLICATE OF THE DATABASE BE REMOVED OR COMMUNICATED FROM THE LICENSEE'S SITE.

Top

2.5 Required Licensee Activity

The Licensee is responsible for all terms and provisions in the license document and related materials, including the Security Procedures. (See the appropriate license document in appendix E or F for full requirements.)

This section addresses three of the major administrative requirements-maintaining the License file, with copies of the Executed Affidavits, and submitting research publications-and the Licensee's responsibility to be ready for inspection at all times.

The security requirements are explained in detail in chapter 3.

Maintaining the License File

The Licensee's Principal Project Officer (PPO) is accountable for having all pertinent information in this file.

License File Checklist T
The Licensee shall maintain a license file at the same facility where the Licensee stores the restricted-use data. The file is to contain the following items:      
  • copies of the Emails you received from the IES Data Security Office.
  
 
  • any amendments to the license document;
  
  • a current list of all individuals who may have access to the data, along with copies of their notarized Affidavits of Nondisclosure; and
  
 
All project staff shall both READ and UNDERSTAND this material. All individuals who may have access to the subject data must be fully aware of the required security precautions and procedures. (This is the Principal Project Officer's responsibility.)  

Submitting Research Publications

If the Licensee intends to publish any information that would include unweighted sample size numbers, Licensee must submit an advance copy of the document to the IES Data Security Program prior to its publication. Otherwise, the Licensee shall submit to the IES Data Security Program a copy of the final version of each publication or any other data product containing information based on subject data.

Research Publication Checklist T
The PPO shall forward a final copy of each publication containing information based on restricted-use data to the IES Data Security Program.

If the PPO suspects a publication might disclose individually identifiable information, the PPO must forward an advance (before public release) copy of that publication to IES for review and delay public release until formally notified by IES that no potential disclosures were found. For example, any proposed publication that contains any unweighted sample size numbers must be submitted to IES for a disclosure review prior its public release. (IES generally clears all publications within a week.) When tabulations are produced, any table having a cell with 1 or 2 unweighted cases must be recategorized to insure that each cell in the table has at least 3 unweighted cases. This rule excludes table cells with zero cases because there are no data to protect in the cell.

      

Passing On-Site Inspections

The license (section IV.G) gives IES Data Security Officials the right to conduct unannounced, unscheduled inspections of the Licensee's site to assess compliance with the provisions of the license, Security Procedures, and the Licensee's submitted Security Plan Form. The inspection procedures are described in chapter 4, On-Site Inspections, and a copy of the On-Site Inspection Guideline can be found in appendix K.

Any violation may subject the Licensee to immediate revocation of the license by IES, or report of the violation to the U.S. Attorney.

On-site Inspection Checklist T
If an on-site inspection is conducted, IES will provide formal notification of any violations in the required security procedures.      
  • Correct all identified security violations.
  
  • Licensee must notify IES in writing of the corrective measures.
  

Outside Requests for Data

The Licensee shall notify IES immediately when it receives any legal, investigatory or other demand for subject data, including any request or requirement to provide subject data to any State agency or State contractor, and shall keep a record of how the matter was resolved.

Top

2.6 Amending a License

IES shall be kept informed of any modifications in project operations throughout the span of the loan period.

To change any of the terms and conditions agreed upon in the license, the Licensee shall submit a request to the IES Data Security Program. (Including the license number will result in faster turnaround.)

ALL CORRESPONDENCE SHALL BE INITIATED BY THE PRINCIPAL PROJECT OFFICER (or the Senior Official in the PPO's absence).

Addition to Project Staff


Addition to Project Staff Checklist T
Notify the IES of any additions to project staff.      
Include the notarized Affidavit(s) of Nondisclosure for the additional staff with the letter requesting an amendment.  
The IES response letter accepting (or rejecting) the proposed amendment is to be kept in the License's file.  

Reduction of Project Staff


Reduction of Project Staff Checklist T
Notify IES of any reductions in project staff.      
Affidavits of personnel withdrawn from the project shall be marked "VOID," or destroyed.  
The IES response letter or e-mail accepting the proposed amendment is to be kept in the Licensee's file.  

When informed that a Licensee staff person is no longer accessing the restricted-use data, the Data Security staff will mark that person's Affidavit of Nondisclosure "VOID."

Requesting an Additional Database

A Licensee may request access to another database in addition to what was agreed upon in the original license.

If the database request can be accommodated under the same licensing instrument, then the applicant need only submit the following information to IES:

Requesting an Additional Database Checklist T
(1) The title of the survey(s) requested      
(2) A description of the research purpose which necessitates accessing the restricted-use data, and  
(2) The names of the personnel who will have access to the database. (Include executed Affidavits for any staff who do not have the additional database listed on their original Affidavits.)  

The Data Security Program will review the request. If judged complete, the request for an additional database will be included in the Licensee's file as an amendment to the license instrument and the database will be sent.

2.7 Closing-Out the License Period


Closing-Out Checklist T
Notify IES in writing that the project necessitating use of the data has been completed.      
Return the original subject data to IES by certified mail.  
Return any additional database materials and documentation to IES.  
Destroy all hard copy versions of subject data and purge all electronic versions, including all copies and subsets, from any computer system used in analysis.  

The Licensee shall return to IES, by certified mail, the data product containing the original subject data and any additional materials and documentation.

The Licensee shall also overwrite the subject data on any computer system used in analysis; that is, totally obliterate erased (deleted) data so that it cannot be recovered by any means. One method would be to use the Norton Utility WIPEINFO, which can be used on single files or entire disks.

2.8 Applicant/Licensee Record

The following checklist summarizes the Licensing Procedures for Restricted-Use Data.

ACTIVITY T
REVIEW REQUIRED PROCEDURES  
Obtain a copy of the Restricted-Use Data Procedures Manual.      
    Review the manual.
 
APPLYING FOR A LICENSE  
Submit the following to the IES Data Security Program (through the electronic application system at: http://nces.ed.gov/StatProg/instruct.asp) -  
Formal Request:
  
      (1) Title of survey(s).
 
      (2) Description of the statistical research project for which the restricted-use data are needed.

      Explanation of why the restricted-use data are needed (e.g., instead of the public data version).

      Explanation of how the statistical research project is consistent with the specific purpose for which the survey was conducted.
 
      (3) Name and title of the Senior Official.
 
      (4) Name and title of the Principal Project Officer(s).
 
      (5) Name and title of the Systems Security Official.
 
      (6) Names and titles of the professional/technical staff.
 
      (7) Estimated loan period (not to exceed five years).
 
Send the following three items to the IES Data Security Program.  
 
 
      (a) Ensure personnel who will execute Affidavits read and understand the License and the Security Procedures.
 
      (b) Fill out, sign and notorize the Affidavits of Nondisclosure for all project personnel, including support staff.
 
    3) Security Plan Form - Complete and sign the Security Plan Form found in Appendix J. Add in any additional protections due to local conditions. It must be signed.
 
REQUIRED LICENSEE ACTIVITY  
 
    Have on file at the licensed facility, copies of:
 
      (1) Emails received from the IES Data Security Office,
 
 
 
 
 
      All project staff must know where these documents are kept.
 
 
      (1) Forward to IES for review an advance (before public release) copy of each publication that might disclose individually identifiable information. [IES will formally notify the Licensee of acceptance of the publication (i.e., no security violations were found).]
 
      (2) A final copy of each publication containing information based on restricted-use data must be forwarded to IES.
 
 
      (1) After conducting an on-site inspection, IES will provide formal notification of any violations in the security procedures.
 
      (2) All identified security violations must be corrected.
 
      (3) Licensee must notify IES in writing of the corrective security measures.
 
AMENDING A LICENSE  
Licensee must notify IES if there have been any changes to the conditions of the license.  
    (1) IES must be notified of new and/or departing project personnel.
 
 
    (3) Changes in project purpose or product require a contract amendment approved by IES.
 
    (4) Changes in, or additions to, licensed database(s) require a contract amendment approved by IES.
 
CLOSING-OUT THE LICENSE PERIOD  
    (1) Formally notify IES when the data project is completed.
 
    (2) Return the original subject data to IES.
 
    (3) Return any additional data materials and documentation to IES (if applicable).
 
    (4) Double check that a final copy of each publication containing information based on restricted-use data has been sent to IES.
 
    (5) Destroy all hard copy versions of the subject data and purge all traces of the subject data, including all copies and subsets, on any computer system used in analysis.
 

REVIEW
IES will review the submitted documents for licence and supporting documentation for content and completeness.

If all requirements have been met, the requested materials will be sent to the new Licensee.

UNDER NO CIRCUMSTANCES may the database be removed or communicated from the Licensee's site.

1 Because federal laws cannot be enforced outside of the United States, restricted-use data cannot leave the United States.

Top


Pubs/Products|Surveys/Programs|DataTools|Tables/Figures|FastFacts|School/LibrarySearch|Annuals|What's New|Kids Zone
|Institute of Education Sciences|NCER|NCEE|NCSER
  
1990 K Street, NW
Washington, DC 20006, USA
Phone: (202) 502-7300 (map)
Statistical Standards|FedStats.gov