Secure storage of microdata
Storing microdata and outputs securely, basic and detailed microdata output requirements
Microdata and outputs requiring secure storage
Microdata (unit record data) must be stored in a manner that ensures unauthorised access does not occur. You must securely store the following microdata and outputs, whether in electronic form or hard copy:
- basic microdata files
- working files and output from basic microdata that include unit record data
- tabulations containing less than 3 unweighted contributing sample unit records
- details of unusual unit records that require special analysis in modelling
Basic microdata and output storage requirements
- Any computer on which microdata is stored must have password protection and/or be kept in a locked room to prevent access by others.
- Any information or results stored on a computer network must be kept in a directory with suitably restricted access.
- Any printouts or physical media containing microdata must be kept in a locked room or secured in a locked cabinet when the researcher is not present.
- You must keep track of datasets and printouts that reveal microdata, so that they can be destroyed when they are no longer needed.
- You must immediately report any security incidents relating to microdata to the ABS.
- You must comply with any instructions from the ABS relating to the storage of microdata.
- Your organisation must provide a secure means to delete computer files so microdata cannot be recovered by an unauthorised person.
Basic microdata output that can be disclosed
Aggregate outputs from your basic microdata research may be shared or published. Examples of outputs that do not reveal microdata and are not required to remain in a secure environment include:
- tabulations containing cells with 3 or more unweighted contributing sample units
- details of fitted models, such as regression parameters
- summary and test statistics from estimates
- linear and non-linear regression coefficients
DataLab output and working files that are within the DataLab system must not be removed or shared with any other person. This includes not capturing any on-screen information or discussing uncleared DataLab output with users who have not been approved for that microdata or project.
To use or share DataLab output outside the DataLab system, you must request clearance of any DataLab output by an ABS officer. DataLab output that has been cleared by the ABS may be shared or published and does not need to be securely stored.
DataLab projects may involve collaboration with other researchers in your organisation or in other organisations. See Collaborating on microdata research for further information about how you can work safely with DataLab collaborations and project workspaces.