Child Care and Early Education Research Connections

Skip to main content

Data Confidentiality and Security

This page includes resources related to best practices for implementing data security agreements and addressing confidentiality/privacy issues when using and reporting administrative data.

Bernstein, H., Shaw, E., Walsh, S., Converse, A., Altmaier, F., Kerr, J., Culpepper, B., & Pennington, L. (2019). Menlo Park, CA: The DaSy Center.
Resource Type:
Presentations
State Example?:
Yes

This webinar highlights stories from Part C Coordinators who have or are developing collaborative data sharing agreements that allow them to share Part C data with their Early Hearing Detection and Intervention Program (EHDI).

Shaw, S. H., Lin, V., & Maxwell, K. (2018). Washington, DC: U.S. Administration for Children and Families, Office of Planning, Research and Evaluation.
Resource Type:
Fact Sheets & Briefs
State Example?:
Yes

This resource describes components of a data sharing agreement, outlines steps in developing an agreement, and includes examples of data sharing agreements.

Borkosky, L., Cunningham, J., Cottrell, S., Sellers, J., Frederick, C., Smith, A., Straw, M., Gray, E., & Lemke, R. (2020). Washington, DC: National Center for Education Statistics at IES.
Resource Type:
Fact Sheets & Briefs
State Example?:
Yes

This brief offers an overview of key concepts and content to be covered in privacy and security plans for state longitudinal data systems (SLDS) agencies as well as methods of developing and implementing these plans. It draws on best practices identified by the Privacy Technical Assistance Center (PTAC) and includes examples of privacy and security plans from Wisconsin and Kentucky.

Armstrong, C., Gosa, K., McGrew, C., Patton, J., Ream, D., Rodamar, J., Tay, A. (2020). Washington, DC: National Center for Education Statistics at IES.
Resource Type:
Fact Sheets & Briefs
State Example?:
Yes

To ensure that federally funded work related to statewide longitudinal data systems (SLDS) adequately protects the privacy and well-being of the individuals whose data they contain, the US Department of Education (ED) requires states to have their SLDS grant-funded projects undergo the same processes as other research grants to determine whether they require institutional review board (IRB) approval. This publication describes ED's IRB requirement for SLDS grantees and offers expert perspectives and tips for states approaching the IRB review process.

Cottrell, S., Watson, J., Gray, E., Lemke, R., Nesmith, K., and Wisnia, E. (2020). Washington, DC: National Center for Education Statistics at IES.
Resource Type:
Fact Sheets & Briefs
State Example?:
Yes

This spotlight highlights two states, California and Louisiana, with laws that strongly regulate data access. It describes how their state education agencies have adapted their data management and data use procedures to comply with state requirements while continuing to meet their reporting and operational needs.

National Center for Education Statistics. (n.d.). Washington, DC: National Center for Education Statistics.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This document is intended to assist elementary and secondary schools and local educational agencies (LEAs or "districts") in achieving greater transparency with respect to their data practices.

Thornburg, K., & Rodriguez, B. (2014). Washington, DC: Early Learning Challenge Technical Assistance Program.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This brief summarizes of a webinar on confidentiality issues faced by early childhood education programs that manage, view, and share data on children and/or interface with integrated and longitudinal data systems. It addresses select restrictions in place under Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPPA), and includes a list of commonly-asked questions and answers on the topic as well as a record of those asked and answered during the webinar.

ACF Interoperability Initiative. (2014). Washington, DC: U.S. Administration for Children and Families.
Resource Type:
Tools
State Example?:
No

The Administration for Children and Families (ACF) developed this Confidentiality Toolkit to help jurisdictions successfully navigate the delicate balance between privacy and security with the delivery of efficient and effective services. The Confidentiality Toolkit analyzes, explains and aids states and local jurisdictions in the navigation of a number of federal laws that impact the implementation of human services. Embedded throughout are success stories and sample documents from across the country from which jurisdictions using the Toolkit can borrow freely. This Toolkit has been developed for leaders in the human service field, to support their best efforts to share information across silos. (author abstract)

Privacy Technical Assistance Center, & DaSy Center. (2014). Washington, DC: Privacy Technical Assistance Center.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This document is intended to assist early childhood stakeholders in maintaining compliance with privacy and confidentiality requirements under IDEA and FERPA. It reviews the terminology used to describe data de-identification as well as related concepts and approaches; provides general best practice de-identification strategies and statistical techniques to protect children against data disclosures; and identifies additional resources on applicable IDEA and FERPA requirements.

Privacy Technical Assistance Center. (2011). Washington, DC: Privacy Technical Assistance Center.
Resource Type:
Checklists
State Example?:
No

This checklist is designed to assist stakeholder organizations with establishing and maintaining a successful data governance program by summarizing the key data privacy and security components of such a program and listing specific best practice action items.

Privacy Technical Assistance Center. (2011). Washington, DC: Privacy Technical Assistance Center.
Resource Type:
Checklists
State Example?:
No

This checklist is designed to assist stakeholder organizations with developing and maintaining a successful data security program by listing essential components that should be considered when building such a program, with focus on solutions and procedures relevant for supporting data security operations of educational agencies.

Privacy Technical Assistance Center, & DaSy Center (2014). Menlo Park, CA: DaSy Center.
Resource Type:
Reports & Papers
State Example?:
No

This 2014 document is an adaptation of the 2012 release of "Data Sharing Agreement Checklist" intended for K-12 audiences. Presented as a checklist, the document summarizes the requirements for the written agreements under the audit or evaluation exception that is specified in FERPA and that also applies to the IDEA for Part C early intervention and Part B 619 preschool special education.

Privacy Technical Assistance Center. (2015). Washington, DC: Privacy Technical Assistance Center.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

The purpose of this checklist is to define a data use policy and provide best practices for using student data.

U.S. Office of Management and Budget. (2016). Washington, DC: U.S. Office of Management and Budget.
Resource Type:
Reports & Papers
State Example?:
No

This white paper reviews some of the most relevant U.S. privacy laws and discusses how they provide a strong legal framework that governs Federal agencies, using the Census Bureau's Data Stewardship program as a case study. The paper then considers a range of protocols used by different agencies to provide researcher access to restricted data, such as the National Center for Education Statistics data licensing program.

National Center for Education Statistics. (n.d.). Washington, DC: National Center for Education Statistics.
Resource Type:
Tools
State Example?:
No

The Statewide Longitudinal Data Systems Grant Program offers a variety of support resources.

National Committee on Vital and Health Statistics. (2015). Hyattsville, MD: National Center for Health Statistics.
Resource Type:
Reports & Papers
State Example?:
No

The Toolkit briefly introduces each important principle of data stewardship for communities using health data. It provides both broad background information and tips for data users. Descriptions of stewardship principles are provided, along with checklists for each principle.

Brady, H. E., Grand, S. A., Powell, M. A., & Schink, W. (2002). In M. Ver Ploeg, R. A. Moffitt, & C. F. Citro (Eds.), Studies of welfare populations: Data collection and research issues: Panel on Data and Methods for Measuring the Effects of Changes in So
Resource Type:
Book Chapters
State Example?:
No

In this paper we consider ways to facilitate researchers' access to administrative data collected about individuals and their families in the course of providing public benefits. In most cases, applicants to social welfare programs are required to disclose private information deemed essential to determining eligibility for those programs. Individuals who are otherwise eligible for services but who refuse to provide information may be denied those services. Most people forgo privacy in these circumstances; that is, they decide to provide personal information in order to obtain public benefits. They believe that they have little choice but to provide the requested information. Consequently, it is widely agreed that the uses of this information should be limited through confidentiality restrictions to avoid unwanted disclosures about the lives of those who receive government services.

U.S. Office of Management and Budget. (2016). Washington, DC: U.S. Office of Management and Budget.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This white paper details many of the barriers to using administrative data for evidence-building and how resource and capacity concerns can constrain the functional access and use of data even when legal and policy issues are resolved. The paper also provides a case study on how these barriers interact with access to various sources of wage data for evidence-building purposes.

Privacy Technical Assistance Center. (2014). Washington, DC: Privacy Technical Assistance Center.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This document provides an overview of various methods for disposing of electronic data, and discusses how these methods relate to legal requirements and established best practices for protecting student information.

Privacy Technical Assistance Center. (2015). Washington, DC: Privacy Technical Assistance Center.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

The purpose of this document is to provide a case study to illustrate best practices for minimizing access to sensitive information with education data maintained in a statewide longitudinal data system.

Petrila, J. (2015). Paper presented at the Office of Planning, Research, and Evaluation meeting, The Promises and Challenges of Administrative Data in Social Policy Research, Washington, DC.
Resource Type:
Presentations
State Example?:
No

This presentation acknowledges the various legal, technical, and political barriers faced when trying to access and use administrative data.

Lin, V. K., Epstein, D., & Maxwell, K. L. (2016). Bethesda, MD: Child Trends.
Resource Type:
Reports & Papers
State Example?:
No

This report provides practical steps for how to establish a data governance structure.

Shaw, S., Lin, V., & Maxwell, K. (2018). Bethesda, MD: Child Trends. Washington, DC: Office of Planning, Research, and Evaluation Administration for Children and Families, U.S. Department of Health and Human Services.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This resource provides guidance for preparing data sharing agreements for administrative data. It builds on existing materials by pulling together relevant information from multiple sources into one document and sharing guidance from researchers with experience developing such agreements. It also includes examples of data sharing agreements (see Appendix A).

Hendley, L., Gold, A., & Pettit, K. (2018). Washington, DC: National Neighborhood Indicators Partnership.
Resource Type:
Reports & Papers
State Example?:
No

To help groups improve their data policies and practices, this guide assembles lessons from the experiences of partners in the National Neighborhood Indicators Partnership network and similar organizations. The guide presents advice and annotated resources for: protecting privacy and human subjects, ensuring data security, and managing the data life cycle. While applicable for non-sensitive data, the guide is geared for managing confidential data, such as data used in integrated data systems or Pay-for-Success programs.

Future of Privacy Forum. (2018). Washington, DC: Future of Privacy Forum.
Resource Type:
Tools
State Example?:
No

This toolkit provides tools for integrating data for policy and program improvement in government setting. In addition to a step-by-step guide to communication and engagement on data privacy, the toolkit includes action-oriented appendices, including worksheets, checklists, exercises, and additional resources.

Bui Lin, V., & Shea Crowne, S. (2020). Bethesda, MD: Child Trends.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

Home visiting programs typically collect sensitive information about family characteristics, risk factors, and services received. States may choose to integrate these data with other early childhood data to learn more about the reach and effectiveness of the services and supports that families receive. As more states begin to integrate data across early childhood programs, data integration leaders should consider how the privacy and security of home visiting data are maintained when shared across organizations or integrated with other early childhood data. (author abstract)

Data Quality Campaign. (2015). Washington, DC: Data Quality Campaign.
Resource Type:
Tools
State Example?:
No

This document provides specific, practical recommendations for state education agencies as they safeguard student data and review and update their data privacy policies and practices to address changes in technology.

Statewide Longitudinal Data Systems Grant Program. (2020). Washington, DC: National Center for Education Statistics.
Resource Type:
Fact Sheets & Briefs
State Example?:
No

This spotlight highlights two states, California and Louisiana, with laws that strongly regulate data access. It describes how their state education agencies have adapted their data management and data use procedures to comply with state requirements while continuing to meet their reporting and operational needs. (author abstract)

Privacy Technical Assistance Center. (2019). Washington DC: U.S. Department of Education.
Resource Type:
Tools
State Example?:
No

The Data Destruction Document is a best practices guide on properly destroying sensitive student data after it is no longer needed. It details the life cycle of data and discusses various legal requirements relating to the destruction of data under FERPA, and examines a variety of methods for properly destroying data. The guide also discusses best practices for data destruction and provides some real-world examples of how to implement it within your organization. (author abstract)

The resources on this page were compiled by the Child Care Administrative Data Analysis Center (CCADAC), a project carried out by Child Trends and the Child Care Research and Evaluation Capacity Building Center, a project carried out by the Urban Institute. Both projects are funded by the Office of Planning, Research, and Evaluation, Administration for Children and Families, U.S. Department of Health and Human Services.