Chapter Contents
Only Restricted-Use Data Are Licensed
When IES conducts surveys, the data collected sometimes include individually identifiable information, which is confidential and protected by law. 1
Restricted-use data is the term for survey data that contain individually identifiable information. Only restricted-use data are licensed. (Note: Public-use data are not licensed.)
The restricted-use data provided to the Licensee and all information derived from those data, and all data resulting from merges, matches, or other uses of the data provided by IES with other data are subject to the license and are referred to in the license as "subject data."
Individually identifiable information includes, but is not limited to, personal data in the following categories:
The restricted-use databases that are available to organizations in the United States through these licensing procedures are listed at: NCES online catalogue.
Three similar license documents are used to lend restricted-use data: Memorandum of Understanding, License, and Contract. All three are referred to as licenses and, when signed, are equally binding on the Licensees.
The Memorandum of Understanding is used to provide data to Federal agencies or offices, external to IES. A copy of the memorandum is in Appendix E.
The License is used to provide data to non-Federal agencies or offices, including organizations working on analysis contracts with IES. Appendix F contains a copy of the license.
When IES has a contract involving the collection of restricted-use data, the contract "boiler plate" includes the provisions of the license.
In brief, each of the three license documents:
Virtually every organization needs a license document to authorize individual access to restricted-use data.
The type of organization determines the specific license document.
Type of Organization | License Document |
---|---|
Congress | Memorandum of Understanding |
Federal Agencies 1 | Memorandum of Understanding |
IES Staff 2 | Oath of office replaces Memorandum; staff must sign the Data Security Program log book when obtaining the data. |
Non-Federal Agencies/Groups/Organizations | License |
State and Local Agencies | License |
Research Laboratories | License |
Data
Collection Contractor (to IES) |
License "Boiler Plate" in Contract |
Contractor (to IES Contractor) | License "Boiler Plate" in Contract |
Survey Pre-Tests | License "Boiler Plate" in Contract |
Analysis Contractor | License |
1 This includes other components of the Department of Education. 2 See Restricted-Use Data and IES Staff. |
IES staff are subject to all of the obligations and restrictions protecting restricted-use data. Further, IES staff are not authorized to issue restricted-use data files.
Staff perform pre-tests to review the data collection process and to test the validity of the survey instrument. Because actual sample data are acquired to test the proposed survey design, the responses collected in this pre-test sampling may contain individually identifiable information and thus may be subject to restricted-use data security procedures.
The IES Contracting Office Technical Representative (COTR), who is responsible for conducting these pre-tests, must submit a written description of what is involved in the survey design review to the Data Security Program. The COTR must also obtain an executed Affidavit of Nondisclosure from all persons outside the IES who will review the survey design and will have access to these sampling data. COTRs will forward all original Affidavits of Nondisclosure to the Data Security Program.
An organization or individual performing work under contract must complete the licensing process unless the collection of restricted-use data is required to fulfill the terms of the contract. The conditions spelled out in the license are incorporated in the "boiler plate" of the contract.
A contractor who proposes to do independent research using the restricted-use data obtained to perform work for IES must submit a formal, written request. (See section 2.4.) If the purpose of the independent research is different from the purpose for using the data stated in the contract, the contractor must follow the standard application process for obtaining a license.
These are the current standard licensing procedures for the authorization of external use of restricted-use data.
To qualify for and receive restricted-use data, applicants must submit all four types of documents:
Applicants are to prepare, complete and return the signed License, notarized Affidavits, and the Security Plan Form.
Mail all correspondence, signed by the Principal Project Officer (PPO) and not by a staffer, to the IES Data Security Program.
The IES Data Security Program staff will review the submitted documents for content and completeness.
The original license document is only submitted for final IES approval when all required information has been received and the license application is complete.
IES may request additional information regarding the proposed use of the data, the resources available to the researcher to perform the analysis, or other aspects of the projects which are deemed necessary.
The decision to grant a license is solely that of the Director. The authority granted in the license becomes effective on the date of the Director's signature.
The Formal Request will ask for specific items of information. Your information will be collected through IES's electronic application system.
Formal Request Checklist | T |
---|---|
(1) The title of the database(s) the organization wants to access; | |
(2) A description of the statistical
research project necessitating access to the restricted-use database; |
|
(2) The name and title of the Senior Official; | |
(4) The name and title of the Principal Project Officer(s); | |
(5) The name and title of the System Security Officer; | |
(6) The names and titles of the professional/technical and support staff; and | |
(7) The estimated loan period (not to exceed five years). |
The Formal Request requirements are described in more detail below.
(1) The title of the database(s) the organization wants to access.
(2) A description of the statistical research project that necessitates accessing the survey database. The description must fulfill the following conditions:
Note: The purpose of the research for which the data are requested must accord with the purpose for which the survey data were collected. Descriptions of those purposes are in appendix H: NCES.
If an applicant requests access to subject data that are currently under an IES Contract/Task Order with the applicant, the applicant must provide:
(3) The name and title of the Senior Official having the authority to bind the organization to the provisions of the license.
(4) The name and title of the Principal Project Officer(s) who will oversee the daily operations. To qualify for and receive a restricted-use data License and the restricted-use data, academic applicants must have the rank of post-doctoral fellow or above to serve as the Principal Project Officer (PPO). Visiting professors or scholars cannot be a PPO. Applicants in research laboratories or analytic consulting firms must have the rank of research associate or above to serve in this role. (The PPO is the researcher in charge of the day-to-day operations involving the use of subject data and is responsible for liaison with the IES Data Security Program.)
(5) The name and title of the Systems Security Officer(s) who will oversee the security of the data.
(6) The names and titles of the professional/technical and support staff who will be accessing the survey database. Generally, the staff is limited to a maximum of seven (7) persons. Exceptions to this limit may be authorized by the IES Data Security Program. Written documentation authorizing the exception must be obtained from IES. (Requests for data or amendments to an existing license will only be accepted from the PPO.)
(7) The estimated loan period necessary for accessing the survey database. Loan periods are in one-year increments and may not exceed a five-year period. The loan period starts on the date that IES signs the license document.
An executed License Document is a legally binding agreement.
License Document Checklist | T |
---|---|
Review the appropriate license document. | |
Insert the name of the Agency or organization to be licensed in the appropriate blank(s). | |
The Senior Official (or appropriate government official) signs the license. | |
The Principal Project Officer signs the license. | |
Send the original signed license to the IES Data Security Program. |
An Affidavit of Nondisclosure must be executed for each person who may have data access.
Affidavit of Nondisclosure Checklist | T |
---|---|
Obtain a notarized Affidavit of Nondisclosure from each employee and sub-contractor staff who may come in contact with the subject data. | |
Fill in all requested information on the Affidavit. | |
Send the original signed and notorized Affidavits of Nondisclosure to the IES Data Security Program. |
Appendix G contains a copy of the Affidavit of Nondisclosure form.
In general, an individual who is not an IES employee and who wants access to licensed individually identifiable information must execute an Affidavit of Nondisclosure and submit it, through a licensed organization, to the IES Data Security Program. IES allows up to seven (7) individuals per project to access the subject data. (IES may require that the supervisor of the applicant organization's computer facilities be one of those seven.)
The one-page Affidavit contains:
Affidavits are "survey-specific": they are only valid for the survey(s) listed on the form. Include all surveys and all subsequent followups that will be needed; for example, "the base year survey and all subsequent followups."
Notarized documents cannot be amended by IES. To access a followup of a listed survey or to access a survey that was not listed on the notorized affidavit, another affidavit must be executed.
Organizations must promptly notify IES of any changes in project staff. (See section 2.6, Amending a License.)
The Security Plan Form contains the detailed procedures for protecting the subject data.
Security Plan Form Checklist | T |
---|---|
Review chapter 3, Security Procedures. | |
Fill out the Security Plan Form found in Appendix J. | |
Send the original signed Security Plan Form to the IES Data Security Program. |
Restricted-use data must be kept SAFE at all times. SAFE means that the individually identifiable information is secure from unauthorized disclosure or modification. Security procedures are explained in detail in chapter 3; the Security Plan Form can be found in appendix J. Federal agencies do not need to submit the Security Plan Form. Federal agencies must adhere to the security requirements set forth in the MOU.
Final Product Package Contents | T |
---|---|
The new Licensee receives the final product package, including | |
|
|
|
|
|
The package is sent Restricted Delivery - Certified Mail to the Licensee.
Note: Only one copy of a database in any format can be borrowed at a time. A Licensee who has a copy of the database and wants a revised version must return the original via certified mail before the revised version will be sent. (See section 2.6, Amending a License.)
UNDER NO CIRCUMSTANCES MAY THE ORIGINAL OR A DUPLICATE OF THE DATABASE BE REMOVED OR COMMUNICATED FROM THE LICENSEE'S SITE.
The Licensee is responsible for all terms and provisions in the license document and related materials, including the Security Procedures. (See the appropriate license document in appendix E or F for full requirements.)
This section addresses three of the major administrative requirements-maintaining the License file, with copies of the Executed Affidavits, and submitting research publications-and the Licensee's responsibility to be ready for inspection at all times.
The security requirements are explained in detail in chapter 3.
The Licensee's Principal Project Officer (PPO) is accountable for having all pertinent information in this file.
License File Checklist | T |
---|---|
The Licensee shall maintain a license file at the same facility where the Licensee stores the restricted-use data. The file is to contain the following items: | |
|
|
|
|
|
|
|
|
|
|
All project staff shall both READ and UNDERSTAND this material. All individuals who may have access to the subject data must be fully aware of the required security precautions and procedures. (This is the Principal Project Officer's responsibility.) |
If the Licensee intends to publish any information that would include unweighted sample size numbers, Licensee must submit an advance copy of the document to the IES Data Security Program prior to its publication. Otherwise, the Licensee shall submit to the IES Data Security Program a copy of the final version of each publication or any other data product containing information based on subject data.
Research Publication Checklist | T |
---|---|
The PPO shall forward
a final copy of each publication containing information based on restricted-use
data to the IES Data Security Program.
If the PPO suspects a publication might disclose individually
identifiable information, the PPO must forward an advance (before
public release) copy of that publication to IES for review and
delay public release until formally notified by IES that no potential
disclosures were found. For example, any proposed publication that contains
any unweighted sample size numbers must be submitted to IES for a disclosure
review prior its public release. (IES generally clears all publications
within a week.) When tabulations are produced, any table having a cell
with 1 or 2 unweighted cases must be recategorized to insure that each
cell in the table has at least 3 unweighted cases. This rule excludes
table cells with zero cases because there are no data to protect in the
cell. |
The license (section IV.G) gives IES Data Security Officials the right to conduct unannounced, unscheduled inspections of the Licensee's site to assess compliance with the provisions of the license, Security Procedures, and the Licensee's submitted Security Plan Form. The inspection procedures are described in chapter 4, On-Site Inspections, and a copy of the On-Site Inspection Guideline can be found in appendix K.
Any violation may subject the Licensee to immediate revocation of the license by IES, or report of the violation to the U.S. Attorney.
On-site Inspection Checklist | T |
---|---|
If an on-site inspection is conducted, IES will provide formal notification of any violations in the required security procedures. | |
|
|
|
The Licensee shall notify IES immediately when it receives any legal, investigatory or other demand for subject data, including any request or requirement to provide subject data to any State agency or State contractor, and shall keep a record of how the matter was resolved.
IES shall be kept informed of any modifications in project operations throughout the span of the loan period.
To change any of the terms and conditions agreed upon in the license, the Licensee shall submit a request to the IES Data Security Program. (Including the license number will result in faster turnaround.)
ALL CORRESPONDENCE SHALL BE INITIATED BY THE PRINCIPAL PROJECT OFFICER (or the Senior Official in the PPO's absence).
Addition to Project Staff Checklist | T |
---|---|
Notify the IES of any additions to project staff. | |
Include the notarized Affidavit(s) of Nondisclosure for the additional staff with the letter requesting an amendment. | |
The IES response letter accepting (or rejecting) the proposed amendment is to be kept in the License's file. |
Reduction of Project Staff Checklist | T |
---|---|
Notify IES of any reductions in project staff. | |
Affidavits of personnel withdrawn from the project shall be marked "VOID," or destroyed. | |
The IES response letter or e-mail accepting the proposed amendment is to be kept in the Licensee's file. |
When informed that a Licensee staff person is no longer accessing the restricted-use data, the Data Security staff will mark that person's Affidavit of Nondisclosure "VOID."
A Licensee may request access to another database in addition to what was agreed upon in the original license.
If the database request can be accommodated under the same licensing instrument, then the applicant need only submit the following information to IES:
Requesting an Additional Database Checklist | T |
---|---|
(1) The title of the survey(s) requested | |
(2) A description of the research purpose which necessitates accessing the restricted-use data, and | |
(2) The names of the personnel who will have access to the database. (Include executed Affidavits for any staff who do not have the additional database listed on their original Affidavits.) |
The Data Security Program will review the request. If judged complete, the request for an additional database will be included in the Licensee's file as an amendment to the license instrument and the database will be sent.
Closing-Out Checklist | T |
---|---|
Notify IES in writing that the project necessitating use of the data has been completed. | |
Return the original subject data to IES by certified mail. | |
Return any additional database materials and documentation to IES. | |
Destroy all hard copy versions of subject data and purge all electronic versions, including all copies and subsets, from any computer system used in analysis. |
The Licensee shall return to IES, by certified mail, the data product containing the original subject data and any additional materials and documentation.
The Licensee shall also overwrite the subject data on any computer system used in analysis; that is, totally obliterate erased (deleted) data so that it cannot be recovered by any means. One method would be to use the Norton Utility WIPEINFO, which can be used on single files or entire disks.
The following checklist summarizes the Licensing Procedures for Restricted-Use Data.
ACTIVITY | T |
---|---|
REVIEW REQUIRED PROCEDURES | |
Obtain a copy of the Restricted-Use Data Procedures Manual. | |
|
|
APPLYING FOR A LICENSE | |
Submit the following to the IES Data Security Program (through the electronic application system at: http://nces.ed.gov/StatProg/instruct.asp) - | |
Formal Request: |
|
|
|
Explanation of why the restricted-use data are needed (e.g., instead of the public data version). Explanation of how the statistical research project is consistent with the specific purpose for which the survey was conducted. |
|
|
|
|
|
|
|
|
|
|
|
Send the following three items to the IES Data Security Program. | |
|
|
|
|
|
|
|
|
REQUIRED LICENSEE ACTIVITY | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
AMENDING A LICENSE | |
Licensee must notify IES if there have been any changes to the conditions of the license. | |
|
|
|
|
|
|
|
|
CLOSING-OUT THE LICENSE PERIOD | |
|
|
|
|
|
|
|
|
|
REVIEW |
IES will review the
submitted documents for licence and supporting documentation for
content and completeness. If all requirements have been met, the requested materials will be sent to the new Licensee. UNDER NO CIRCUMSTANCES may the database be removed or communicated from the Licensee's site. |