SECURE STORAGE OF ABS MICRODATA
ABS microdata (unit record data) must be stored in a manner that ensures unauthorised access does not occur. Basic Confidentialised Unit Record Files (CURFs) and some output from the Remote Access Data Laboratory (RADL) analysis may need to remain in secure storage.
MICRODATA AND OUTPUTS REQUIRING SECURE STORAGE
Examples of microdata and outputs that must be kept secure, whether in electronic form or hard copy:
MICRODATA OUTPUT WHICH CAN BE DISCLOSED
- unit record data
- tabulations containing less than 3 unweighted contributing sample unit records
- data that has been released from the RADL with the 'Keep Secure' condition (see below for further information)
- details of unusual unit records that require special analysis in modelling.
Aggregate outputs of your research may be shared or published. Examples of data that do not reveal microdata and are not required to remain in a secure environment include:
- tabulations containing cells with 3 or more unweighted contributing sample units
- details of fitted models, such as regression parameters
- summary and test statistics from estimates
- linear and non-linear regression coefficients
- cleared DataLab output
- RADL outputs automatically returned to the user, not output labelled 'Keep Secure'.
The following requirements apply for microdata and outputs which must be kept secure.
RADL 'KEEP SECURE' OUTPUT
- Any computer on which ABS microdata is stored must be kept in a locked room and/or have password protection to prevent access by others.
- Any information or results stored on a computer network must be kept in a directory with suitably restricted access.
- Any printouts or any physical media containing microdata (such as a CD-ROM provided by the ABS) must be kept in a locked room or secured in a locked cabinet when the researcher is not present.
- You must keep track of datasets and printouts that reveal microdata, so that they can be destroyed when they are no longer needed.
- You must immediately report any security incidents relating to microdata to the ABS.
- You must comply with any instructions from the ABS relating to the storage of microdata.
- Your organisation must provide a secure means to delete computer files so microdata cannot be recovered by an unauthorised person.
The RADL may hold output if it fails automated system protections, which an ABS officer will review. If the ABS officer decides that the output can be released to the user, but is too detailed for general release, the file will be provided as 'Keep Secure' output. This classification requires that the output be treated as highly confidential at all times. 'Keep Secure' output includes any printouts of unit record information, as well as analytical output that has been designated as 'Keep Secure'. 'Keep Secure' output cannot be shared between users who do not have access to the source microdata, nor with users in other organisations unless approval has been provided by the ABS. Such output may be used in further analysis, but cannot be published.