BEYOND LEGAL FRAMEWORKS AND SECURITY CONTROLS FOR ACCESSING CONFIDENTIAL SURVEY DATA IN THE UNITED STATES: ENGAGING DATA USERS IN DATA PROTECTION.

Abstract

With growing demand for data reuse and open data within the scientific ecosystem, protecting the confidentialy of survey data and privacy of data subjects is increasingly important. Doing so requires more than legal procedures and technological controls; it requires social and behavioral intervention. In this research note, we delineate the disclosure risks of various types of survey data (e.g., longitudinal data, social network data, sensitive information, biomarkers, and geographic data), the current motivation for data reuse, and challenges to data protection. Despite rigorous efforts to protect data, there are still threats to protection of confidentiality in microdata. Unintentional data breaches, protocol violations, and data misuse are observed even in well-established restricted data access systems, indicating that the systems may all rely heavily on trust. Creating and maintaining that trust is critical to secure data access. We suggest four ways of building trust; User-Centered Design Practices; Promoting Trust for Protecting Confidential Data; General Training in Research Ethics; and Specific Training in Data Security Protocols, with an example of a new project 'Researcher Passport' by the Inter-university Consortium for Political and Social Research. Continuous user-focused improvements in restricted data access systems are necessary so that we promote a culture of trust among the research and data user community, train both in the general topic of responsible research and in the specific requirements of these systems, and offer systematic and holistic solutions.