Providing Access to Your Data: Handling Sensitive Data
Robert R. Downs, PhD
Socioeconomic Data and Applications Center (SEDAC)
Center for International Earth Science Information Network (CIESIN)
Columbia University
Version 1.0
Overview
Some data are sensitive and may require special handling. Data may be designated as sensitive for various reasons, and the designation may be permanent or temporary. Sensitive data must be identified and properly handled to ensure that sensitive information is not compromised. Data managers must ensure that sensitive data are adequately protected so that they are not accessed or modified by unauthorized persons and are not lost or misused. Data users must ensure that their handling or use does not violate any restrictions placed on the sensitive data they use.
Relevance to Data Management
Data may be designated as sensitive to protect individuals and other life forms, property, programs, or other interests. Laws, regulations, or policies may designate data as sensitive. Licenses and agreements may specify requirements to protect data. Common reasons for designating data as sensitive:
- Security: data about locations or property that cannot be disclosed.
- Privacy and civil rights: personal information or information identifying individuals.
- Environmental information about locations or inhabitants that need to be protected.
- Proprietary information about new developments or technologies.
Violating restrictions that have been placed on sensitive data is unethical and could result in civil or criminal penalties, such as fines, loss of privileges, or incarceration.
Definition of sensitive information
“any information, the loss, misuse, or unauthorized access to or modification of which could adversely affect the national interest or the conduct of Federal programs, or the privacy to which individuals are entitled under section 552a of title 5, United States Code (the Privacy Act), but which has not been specifically authorized under criteria established by an Executive order or an Act of Congress to be kept secret in the interest of national defense or foreign policy” (Computer Security Act of 1987)
How are sensitive data handled?
Access and use
- Sensitive data must be protected to limit who may have access or how they are used.
- Authorization for access may be limited to specific individuals or specific purposes.
- Sensitive data may require additional security, monitoring, and loss prevention.
- Safeguards may need to limit modifications or derivations of sensitive data.
- Restrictions may limit whether sensitive data may be used in products or services.
Dissemination and copies
- Restrictions may limit who is authorized to distribute the data, how the data may be distributed, and whether copies of the data may be created.
- Distribution of sensitive data may be limited to a specific location or service.
- Distribution may be limited to a specific time period, which may be in the future.
- Distribution of data and derived products or associated services may be limited.
Methods for handling sensitive data
- Identify data that must be designated as sensitive.
- Designate data that are sensitive and label them as sensitive.
- Store sensitive data in secure facilities.
- Transport sensitive data using secure means.
- Include with sensitive data a description of the conditions for handling them, along with acceptable uses.
- Establish infrastructure and procedures for storing, managing, disseminating, accessing, copying, transmitting, and using sensitive data.
- Train staff on how to protect sensitive data from unauthorized use.
Methods of providing access to sensitive data
Limit access to authorized individuals or roles
- Enable access within a facility only accessible by authorized persons.
- Limit access to authorized individuals with password protection.
- Establish a data enclave without capabilities to copy or transmit data.
Provide options for authorizing access to sensitive data
- Require evidence of approval or expertise.
- Require users to sign a confidentiality, non-disclosure, or data use agreement.
- Require approval of a data protection plan from potential users.
- Request an exception or waiver of restrictions under certain conditions.
- Request clearance for specific individuals to access sensitive data.
- Request declassification of sensitive data from the relevant authority.
Modify the data to protect sensitive portions
- Change aspects of data that are sensitive (recode, generalize).
- Remove or obscure the portions of data that are sensitive (redact).
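The three data-modification methods listed above (recode, generalize, redact), worked through on constructed survey-style records as an added example that is not part of the module; the field names, age bands, grid size and sample values are assumptions, and the final check illustrates the pre-dissemination verification a data manager would run before release.

```python
import math
from copy import deepcopy

# Constructed sample records (not real people or places).
RECORDS = [
    {"name": "A. Example", "age": 34, "lat": 40.80754, "lon": -73.96231, "income": 52000},
    {"name": "B. Example", "age": 71, "lat": 40.81102, "lon": -73.95877, "income": 18500},
]

DIRECT_IDENTIFIERS = {"name"}                          # redact: remove outright
AGE_BANDS = [(0, 17), (18, 34), (35, 64), (65, 200)]   # recode: exact value -> band

def redact(record, fields=DIRECT_IDENTIFIERS):
    """Remove fields that identify an individual directly."""
    return {k: v for k, v in record.items() if k not in fields}

def recode_age(age):
    """Replace an exact age with its band label, e.g. 34 -> '18-34', 71 -> '65+'."""
    for low, high in AGE_BANDS:
        if low <= age <= high:
            return f"{low}-{high}" if high < 200 else f"{low}+"
    raise ValueError(f"age out of range: {age}")

def generalize_point(lat, lon, cell_deg=0.1):
    """Snap a coordinate to the centre of a cell_deg x cell_deg grid cell,
    so a household location is only known to the level of an area."""
    snap = lambda x: (math.floor(x / cell_deg) + 0.5) * cell_deg
    return round(snap(lat), 6), round(snap(lon), 6)

def protect(record, cell_deg=0.1):
    """Apply redact, recode and generalize to one record, leaving the original untouched."""
    out = redact(deepcopy(record))
    out["age_band"] = recode_age(out.pop("age"))
    out["lat"], out["lon"] = generalize_point(out["lat"], out["lon"], cell_deg)
    return out

def check_released(records, forbidden=DIRECT_IDENTIFIERS, cell_deg=0.1):
    """Pre-dissemination check: no direct identifier survives, no raw age survives,
    and every coordinate sits on the coarsened grid rather than at a precise location."""
    on_grid = lambda x: abs((x / cell_deg) % 1 - 0.5) < 1e-6
    for r in records:
        if forbidden & set(r) or "age" in r:
            return False
        if not (on_grid(r["lat"]) and on_grid(r["lon"])):
            return False
    return True

if __name__ == "__main__":
    released = [protect(r) for r in RECORDS]
    print(released, check_released(released))
```

Both constructed households end up in the same 0.1-degree cell, so the released records no longer distinguish them by location.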
Providing access to sensitive data
- Review or establish organizational policies on sensitive data.
- Identify conditions under which sensitive data may be disseminated.
- Select a dissemination method that does not violate restrictions.
- Create a data dissemination plan for sensitive data.
- Request approval from authorities for the data dissemination plan.
- Disseminate data in accordance with the data dissemination plan.
- Monitor data dissemination to ensure compliance with all restrictions on sensitive data.
- Cease dissemination if restrictions on sensitive data are violated and immediately report any violations to authorities.
References and Resources
Where to go for more information
- Best Practices for Sharing Sensitive Environmental Geospatial Data: http://www.geoconnections.org/publications/Key_documents/Sensitive_Env_Geo_Data_Guide_EN_v1.pdf
- Computer Security Act of 1987: http://csrc.nist.gov/groups/SMA/ispab/documents/csa_87.txt
- Confidentiality Issues in Geospatial Data Applications: http://sedac.ciesin.columbia.edu/confidentiality/
- Dealing With Sensitive Data: http://www.dcc.ac.uk/events/research-data-management-forum/rdmf4-dealing-sensitive-data
- ICPSR – Restricted Data: http://www.icpsr.umich.edu/icpsrweb/ICPSR/access/restricted/
- Guidelines for Providing Appropriate Access to Geospatial Data in Response to Security Concerns: http://www.fgdc.gov/policyandplanning/Access%20Guidelines.pdf
Other Relevant Modules
- Data Management Plans: Data access, sharing, and re-use policies
- Responsible data use: Data restrictions
- Providing access to your data: Rights
- Submission agreements: Constraints