Studies of Welfare Populations Data Collection and Research Issues (2002) / Chapter Skim
Currently Skimming:
8 Access and Confidentiality Issues with Administrative Data
8 Access and Confidentiality Issues with Administrative Data
Pages 220-274
The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.
From page 220... ...
This shift poses new challenges for both monitoring and evaluating TANF program strategies. Evaluating the full impact of welfare reform requires information about how TANF recipients use TANF, how they use other programs such as child support enforcement, the Food Stamp Program, employment assistance, Medicaid, and child protective services and how they fare once they enter the job market covered by the Unemployment Insurance (UI)
|
From page 221... ...
Yet this information is crucial for evaluating the impacts of programs and for finding ways to improve them. Making the 1996 welfare reforms work, for example, requires that we know what happens to families as they use TANF, food stamps, the child support enforcement system, Medicaid, child protective services, and employment benefits such as the UI system.
|
From page 222... ...
The regulatory and legal framework for dealing with privacy and confidentiality has evolved enormously over the past 30 years to meet some of the challenges posed by computerization, but it has not dealt directly with the issues facing researchers and evaluators. There is a good deal of literature on the laws and regulations governing data sharing for program administration, much of which presupposes limiting access to these data for just program administration in order to avoid or at least limit unwanted disclosures.
|
From page 223... ...
funded welfare leavers studies, of how states have facilitated data matching and linkage for research despite the many obstacles they encountered. Based on our interviews with those performing studies that involve data matching, we identify and describe 12 principles that facilitate it.
|
From page 224... ...
ADMINISTRATIVE DATA, CONFIDENTIALITY, AND PRIVACY: DEFINITIONS AND LEGAL FRAMEWORK Administrative Data, Matched Data, and Data Linkage Before defining privacy and confidentiality, it is useful to define what we mean by administrative data, matched data, and data sharing. Our primary concern is with administrative data for operating welfare programs "all the information collected in the course of operating government programs that involve the poor and those at risk of needing public assistance" (Hotz et al., 1998:81~.
|
From page 225... ...
Linkages were most common within public assistance programs (AFDC/TANF, Food Stamp Program, and Medicaid) , but a majority of states also had projects linking public assistance data to Job Opportunities and Basic Skills, UI earnings, or child support data.
|
From page 226... ...
J / 50% _ ~: T77% / ~ JOBS ~ - \ 64% J 36% ~ ~ 45% \~` 41% Child care 45% / fig 8-1 , _ _ Child support 36% \ Closer circles represent programs that are more likely to have been linked FIGURE 8-1 Percent of states with projects linking data from social service programs.
|
From page 227... ...
When agencies engage in data sharing, the technical problems of getting matched data for research and policy analysis are easily surmounted because information from a variety of programs is already linked. But matched and linked data sets for research and policy analysis can be created without data sharing, and data matching poses far fewer disclosure risks than data sharing because identifi2Note that we are using the term "data sharing" in a fashion that is much narrower than its colloquial meaning.
|
From page 228... ...
The starting place for understanding how to attend to these considerations is to review the body of law about privacy and confidentiality and the definitions of key concepts that have developed in the past few decades. After defining the concepts of privacy, disclosure, confidentiality, and informed consent, we then briefly review existing federal privacy and confidentiality laws.
|
From page 229... ...
Attribute disclosure occurs when sensitive information about a person is released through a data file. Inferential disclosure occurs when "released data make it possible to infer the value of an attribute of a data subject more accurately than otherwise would have been possible" (National Research Council and Social Science Research Council, 1993:144~.
|
From page 230... ...
Another definition of confidentiality is more explicit about who determines authorization. Confidentiality is the agreement, explicit or implicit, made between the data subject and the data collector regarding the extent to which access by others to personal information is allowed (National Research Council and Social Science Research Council, 1993:22~.
|
From page 231... ...
Informed Consent and Notification The strongest form of explicit agreement between the data subject and the data collector regarding access to the personal information collected is informed consent. An underlying principle of informed consent is that it should be both informed and voluntary.
|
From page 232... ...
It is also possible that data users may want to use the data for reasons not previously anticipated when the data were originally collected and, hence, not described when informed consent was initially granted from data providers. In such cases, data users may need to recontact data providers to see if providers are willing to waive confidentiality or data access provisions covering their data for the new uses of the data.
|
From page 233... ...
Advisory Committee on Automated Personal Data Systems, Records, Computers and the Rights of Citizens published these principles in the report, Records, Computers, and the Rights of Citizens. These principles have served as the basis for formulation of the federal Privacy Act of 1974, the Freedom of Information Act, and subsequent federal laws and regulations.
|
From page 234... ...
These include the Privacy Act of 1974 and the Data Matching and Privacy Protection Act of 1988.6 Privacy Act of 1974 The Privacy Act of 1974 was born out of the Watergate scandal in response to public outcry against the many invasions of privacy that occurred in that case. The concern was focused on the government's collection and disclosure of personal information.
|
From page 235... ...
Data Matching and Privacy Protection Act of 1998 In response to concerns about computer matching and perceived attempts by government agencies to circumvent the Privacy Act, Congress passed the Computer Matching and Privacy Protection Act of 1988 (and amendments to this new Act in 1990~. Although no new standard is established by this Act, it creates procedural requirements for agencies that engage in computer matching.
|
From page 236... ...
The review of all federally funded research by IRBs is the principal mechanism by which these safeguards are implemented, and informed consent is the primary way that IRBs ensure that human subjects are protected. However, an IRB may waive some or all elements of informed consent under a number of circumstances.l° Research involving the use of educational testing, surveys, and interviews is entirely exempt from review if individual identities cannot be established from the information so obtained.
|
From page 237... ...
For example, the confidentiality of administrative data might be protected without informed consent through the development of procedures such as the Data Integrity Boards and other mechanisms created by the Privacy Act and the Computer Matching and Privacy Protection Act. At the moment, however, IRBs rely heavily on informed consent, and they typically have only a limited understanding of the intricacies of matching administrative data and the laws regarding confidentiality.
|
From page 238... ...
Table 8-1 indicates the presence of general state privacy protections for the states in which there are ASPE welfare leavers studies (Smith, 1999~.12 It shows that state privacy laws cover a broad range of issues from arrest records to wiretaps, ..
|
From page 239... ...
GRAND, M ANNE POWELL AND WERNER SCHINK 239 TABLE 8-1 Privacy Laws in States with Welfare Leavers Studies AZ CA DC FL GA IL MD MA MO NJ NY NC OH PA SC TX WA US Arrest records x x x x x x x x x x x x x x x Computer crime x x x x x x x x x x x x x x x x x Credit x x x x x x x x x x x x Criminal justice x x x x x x x x x x x x x Employment x x x x x x x x x x x x x x Government x x x x x x x x x x x x x x x x data banks Insurance x x x x x x x x x x x x x x Medical x x x x x x x x x x x x x x x x Polygraphing x x x x x x x x x x x x x Privacy statutes x x x x x x x x x x x x x x Privileges x x x x x x x x x x School records x x x x x x x x x x x x Social Security x x x x x x x numbers Tax records x x x x x x x x x x Testing x x x x x x x Wiretaps x x x x x x x x x x x x x x x x Miscellaneous x x x x x x NOTE: An x indicates that the state law covers the subject (but not necessarily that the law affords a great deal of privacy protection)
|
From page 240... ...
Moreover, most of the states, with the exception of Maryland, paid little heed to researchers' needs. Maryland's statutes specifically authorize public agencies to grant researchers access to personal information under specified conditions.
|
From page 241... ...
To identify these methods, we interviewed researchers and state administrators working in federally funded welfare leavers projects. Because of the complexity of the lives of individuals leaving welfare, these studies require diverse Basic information about state privacy laws is available in a recent publication, Compilation of State and Federal Privacy Laws (Smith, 1999)
|
From page 242... ...
This research began by reviewing the findings from the inventory of research uses of social services administrative data in 26 states that UC DATA completed in 1999. A series of questions then was developed as the basis for telephone interviews with the state officials and researchers conducting ASPE-funded Welfare Leavers Studies.
|
From page 243... ...
See Table 8-2 for a complete listing of examples of the principles in the Welfare Leavers Study sites. Data Access Principles Regarding the Organization with the Data Principle 1: Strong Political or Administrative Leadership We found that many new and established data-matching projects were successful because they had the interest or patronage of well-connected or inspiring
|
From page 244... ...
of Human Services Arizona: ADES Data Mart Florida: Florida Education & Training Program Placement Information Program Illinois: Chapin Hall, University of Chicago South Carolina: Budget & Contracts Board Texas: State Occupational Information Coordinating Committee Washington State: Internal Review Board California: Family Health Outcomes Project The Characteristics of Requesting Organization 7. Reputation and/or integrity California: RAND Illinois: Chapin Hall, University of Illinois Massachusetts: Center for Survey Research at University of Massachusetts-Boston Ohio: Manpower Demonstration Research Program (MDRC)
|
From page 245... ...
contracts in writing 11. Congruence of research to agency goals demonstrated benefits to participating organizations California: UC Data, RAND Ohio: Case Western Reserve University California Georgia Illinois Missouri New York Ohio South Carolina Washington State Washington, DC Wisconsin Arizona California CalWORKs California Leavers Studies Florida Georgia Illinois Massachusetts Missouri New York Ohio South Carolina Washington State Washington, DC Wisconsin continues
|
From page 246... ...
In Illinois, the decisions to link data were made by Department of Human Services administrators who were supporting the Welfare Leavers Study.
|
From page 247... ...
Success in data-linking projects requires staff dedicated to shepherding data requests through the complexities of confidentiality requirements and data access issues. Although lawyers are often assigned these tasks because of their knowledge of statutorily defined notions of confidentiality, experienced government staff with a research bent must be involved as well in order to explain the technical aspects of data linking.
|
From page 248... ...
In addition to these documents, there should be an archive of exemplary memorandums of understanding, letters of understanding, contracts for goods and services, data access agreements, and confidentiality agreements for use among state agencies or between state agencies and nongovernmental organizations. These documents should have explicit sections on the maintenance of data security and confidentiality, similar to the protocol described.
|
From page 249... ...
Although this does not eliminate the need for appropriate bureaucratic negotiation on data access, in most cases it makes the process easier. One respondent referred to the Illinois Department of Human Services as a "super agency." The department handles data for AFDC/TANF, the Food Stamps Program, Substance Abuse, Mental Health, Special Supplemental Nutrition Program for Women, Infants, and Children (WIC)
|
From page 250... ...
The Welfare Leavers Study grantee (South Carolina Department of Social Services) negotiated data access through the SC BCB and conducted their analysis inhouse.
|
From page 251... ...
The staff provide research and analysis for many of the separate agencies on an ad hoc and a contractual basis. In Washington State, the Institutional Review Board serves a role as a central place to resolve legal issues of data access.
|
From page 252... ...
Data Access Principles That Have to Do With the Characteristics of Requesting Organization Principle 7: The Reputation and Integrity of the Requesting Organization Engenders Trust In many cases, we found that the reputation of the requesting agency was a major factor in successfully obtaining approval for the use of administrative data.
|
From page 253... ...
Principle 8: Trust Between Organizations, a History of Working Together, and Strong Personal Relationships Of all the guiding principles, trust between organizations appears to make the most wide-ranging contribution to successful data access. In our interviews with Welfare Leavers Study grantees, and in discussions with other researchers and state and nongovernmental staff, we learned of countless longstanding relationships between departments, between organizations, and between individuals.
|
From page 254... ...
Furthermore it allows the requesting agency to respond quickly to data access opportunities without having to reinvent the wheel. UC Data Archive and Technical Assistance at the University of California, at Berkeley has a Manual on Confidentiality and Security, which includes exemplar contracts, personal security agreements, and description of extensive data security procedures.
|
From page 255... ...
GRAND, M ANNE POWELL AND WERNER SCHINK 255 the procedures requested by state agencies for protecting the confidentiality of individuals in research projects using administrative microdata files: Prohibition on redisclosure or rerelease.
|
From page 256... ...
The importance of studying welfare leavers and the federal funding of the studies helped to facilitate data access. More generally, researchers find that they have greater access to data when there is obvious congruence between their research goals and the agency's need to comply with federal or state requirements, e.g., waiver demonstrations, reporting of performance measures, or completing of specified grant-related evaluations.
|
From page 257... ...
They not only provide state officials with something for the trouble of making data available, but they also provide proof to legislators and the general public that data access provides substantial public benefits.~7 Data Access Principles That Have to Do with the Legal or Statutory Authority Principle 12: Statutory Language Authorizes or Is Broadly Interpretable to Authorize Data Access for Researchers As discussed earlier, lawmakers have written legislation that protects the privacy of individuals but makes no distinction between research uses and disclosure of personal information. State agencies sometimes have overcome the legislative restrictions by accommodating researchers through a broad interpretation of the statutory "routine use" and/or "program purposes" clauses.
|
From page 258... ...
Requiring informed consent for the use of data can be thought of as an institutional method for restricting access, but it may be impractical or it may be inadequate in many cases. Once data have been collected in an administrative system, it is nearly impossible to go back and obtain informed consent, but perhaps more importantly, informed consent might not really serve the purposes of individuals who cannot easily judge the costs and benefits of the various ways data might be used.
|
From page 259... ...
As row and column totals generally are provided in tabular data, there is a further requirement when suppressing cells to identify complementary cells that are also suppressed to ensure that suppressed data cannot be imputed. The identification of complementary cells and ensuring that suppressed cells cannot be imputed generally requires judgments of which potential complementary cells are least important from the vantage of data users.
|
From page 260... ...
One confidentiality edit procedure called "swapping" is to identify households in different communities that have a certain set of identical characteristics and swap their records. The Census Bureau used this procedure in developing some detailed tabulations of the 100-percent file.
|
From page 261... ...
For example, the Census Bureau restricted the geography for the Public Use Microdata Sample for the 1990 Census to areas with populations of at least 100,000. · Limiting the number of data elements in a file reduces the probability that an individual can be uniquely identified.
|
From page 262... ...
The goal of the CRDCs is to improve the quality of census data by getting researchers to use the data in new ways that push the data to their limits. The centers are locked and are secure facilities where researchers can come to work on microdata, but only after they have developed a proposal indicating how their work will help to improve the data and signed a contract promising to meet all the obligations to protect it required of Census Bureau employees.
|
From page 263... ...
Summary of Alternatives for Ensuring Confidentiality Both data alteration and institutional restrictions hold promise for making data accessible while protecting confidentiality. Both approaches are still in their
|
From page 264... ...
SUMMARY AND RECOMMENDATIONS Summary Matching and linking administrative data can be a great boon to researchers and evaluators trying to understand the impacts of welfare reform, but researchers sometimes find that they cannot access administrative data because of concerns about individual privacy, the ambiguity of statutory authority, and agency fears about public scrutiny. Concerns about individual privacy and the desire to protect confidential data have grown dramatically in the past decade.
|
From page 265... ...
that facilitate data access. We found many instances where administrative data were used successfully, but the legal, technical, and institutional situation is parlous.
|
From page 266... ...
Although this study focused on data sharing and these five states' experiences with regard to environmental programs, the conclusions clearly extend to data access in other topical areas.
|
From page 267... ...
Technical Issues New techniques may make it easier to protect data making the data accessible to researchers: 3. Develop better methods for data alteration, especially "simulated" data.
|
From page 268... ...
One way to get a critical mass of people who can help researchers is to develop data archives and data brokers whose job is to collect data and make the data available within the agency and to outside researchers. In our presentation of Data Access Principle 5, we described several models for what might be done to create central clearinghouses that negotiate and assist in legal and technical issues related to data access.
|
From page 269... ...
Jabine, Thomas B 1999 Procedures for restricted data access.
|
From page 270... ...
1999 Checklist on Disclosure Potential of Proposed Data Releases. Prepared by the Interagency Confidentiality and Data Access Group: An Interest Group of the Federal Committee on Statistical Methodology, July.
|
From page 271... ...
§10-624. Personal records (c)
|
From page 272... ...
(2) A state agency may authorize or provide access to or provide copies of an individually identifiable personal record for research purposes without the informed consent of the person to whom the record pertains or the person's legally authorized representative, only if: (a)
|
From page 273... ...
GRAND, M ANNE POWELL AND WERNER SCHINK 273 the research purposes cannot be reasonably accomplished without disclosure of the information in individually identifiable form and without waiver of the informed consent of the person to whom the record pertains or the person's legally authorized representative, that disclosure risks have been minimized, and that remaining risks are outweighed by anticipated health, safety, or scientific benefits; and (b)
|
From page 274... ...
or negligent, by a research professional who has obtained an individually identifiable personal record or record information from a state agency pursuant to RCW 42.48.020~2) is a gross misdemeanor.
|
Key Terms
This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More
information on Chapter Skim is available.