Access to Restricted-Use Data

Restricted-use data are distributed when removing potentially identifying information from a dataset would significantly impair its analytic potential. NAHDAP includes restricted-use data in its holdings.

Since RUFs retain more than minimal risk for reidentification of a research subject and potential harm through use of the data, access to RUFs is granted through controlled conditions to vetted researchers and sponsor-supervised students. Researchers who apply to access restricted data should expect the application review process to take 2-4 weeks on average.

Methods of Accessing Restricted-Use Data

NAHDAP offers two methods of restricted-use data access:

  • Secure dissemination - Data are encrypted and delivered via download to the researcher. When the request is approved, the Investigator receives a temporary link and password to download the restricted-use files. For some studies, data are sent to researchers on encrypted CDs through the postal service, signature required. The researcher must destroy any copies of the data at the completion of the project.
  • Virtual Data Enclave (VDE) - Data remain on the ICPSR file servers and are accessed and analyzed by the researcher virtually. Archive staff review output for disclosure risk prior to transferring results to the researcher.

Note: At this time, NAHDAP does not have RUFs designated as accessed through ICPSR's physical enclave for which the researcher must come to ICPSR in Ann Arbor in order to analyze the data.

Requesting Access to Restricted-Use Data

For studies with RUFs, information that the data are restricted is in the Notes on the study download web page as shown below. Researchers should use the "Restricted Data" button to connect to the online request system.

image showing users where the access notes and codebook links are on the page.

Access to Restricted-Use Data Using Secure Dissemination

Researchers (and their institutions) apply for access to restricted-use data utilizing the secure dissemination option via the online ICPSR Data Access Request System using the link provided on the study's download web page. Applicants are encouraged to view our tutorial, which is available in video or PDF.

The online application requires:

  • Name, department, and title of Investigator (i.e., the lead researcher on the project using the restricted-use data)
  • Description of the proposed research that supports need to access the restricted-use data
  • Name, email address, computer make/model, and location of data access for all Research Staff
  • Requested data format (SAS, SPSS, Stata, tab-delimited ASCII or fixed-field ASCII with setups)
  • Confidential Data Security Plan (standalone computer, private network)
  • Institutional Review Board approval or exemption for the research project from of the Investigator's institution
  • A signed Restricted Data Use Agreement (RDUA) (See a PDF example here)
  • Curriculum Vitae (CV)/resume/NIH biosketch for the Investigator and each Research Staff member
  • Pledges of Confidentiality from the Investigator and each Research Staff member

Once the request has been approved, the application materials above become officially incorporated into the RDUA.

The Investigator is responsible for notifying NAHDAP of any changes in his or her Institution or changes in the Research Staff with access to the data, including a change in Institution of Research Staff. Note: a change in Institution by the Investigator terminates the existing RDUA. A new RDUA must be established with the Investigator's new Institution.

Applications are reviewed by NAHDAP staff for approval. If approved, the restricted-use data are made temporarily available for secure download.

Confidential Data Security Plan (Secure Dissemination)

Since researchers take possession of the restricted-use data, researchers must have a secure environment for using and storing the restricted-use files.

All members of the Research Staff with approved access to the restricted-use data are also legally obligated to follow all aspects of the Confidential Data Security Plan.

Data security requirements cover:

  • Computer system base configuration: operating system, patches, and hardware location
  • Prevention of unauthorized use: factors to ensure access only to researchers named in the application
  • Malware/botware/virus protection: software installed in supported and kept up-to-date
  • Loss/theft protection: use of real-time encryption and secure electronic and physical storage of the restricted-use dataset, any derivatives, temporary files, and printouts.
  • Disclosure review: required disclosure risk review of output and restrictions on merging the RUF with any data not listed and approved by ICPSR in the data use agreement.
  • Adherence to security protocols: access log auditing, renewal or termination of data use agreement, ensuring all Research Staff follow security protocols
  • Backups: RUF and project files are excluded from backups, syntax files are encrypted and securely stored
  • End of project: secure erasure of all restricted-use files (including temporary files, extracts, and derivatives) and notarized affidavit attesting that this was done.

Access to Restricted-Use Data Using the Virtual Data Enclave

Researchers (and their institutions) apply for access to restricted-use data in the VDE through the ICPSR VDE Management System using the link provided on the study's download web page. Applicants are encouraged to view our VDE Guide

The online application requires:

  • Project information
  • Investigator's contact information
  • List of data files requested
  • A signed VDE Restricted Data Use Agreement (See a PDF example here)
  • Data Security Plan (Attachment A of RDUA)
  • CV/resume/NIH biosketch for each user that will access the VDE
  • IRB approval or exemption
  • Information about each research team member who will access the data in the VDE (i.e., user information)

Once the request has been approved, the application materials above become officially incorporated into the RDUA.

Access to Documentation

Documentation associated with restricted-use files is typically freely available for download by the general public. Documentation includes the study metadata -- that is, the data describing the study -- as well as any codebooks, questionnaires, user guides, or other supporting documentation prepared for that study.

ICPSR Member-Only Data

Some restricted-use data listed on the NAHDAP Website are available only to persons at ICPSR member institutions. Study documentation is still freely accessible to anyone. Use the link provided on the study's download web page to apply for access to these data.

Local IRB Approval to Archive Data

Institutional Review Boards (IRBs) take various approaches to secondary analysis of public-use datasets such as those distributed by NAHDAP. For more information, see ICPSR's web page on Institutional Review Boards