Preserving Respondent Confidentiality

ICPSR is committed to preserving the confidentiality of respondents. Data depositors are asked to review their data and documentation for information that could identify respondents. More information about approaches to managing confidential data is on the Data Management section of our website.

Deposit Options for Confidential Data

The vast majority of ICPSR data holdings are public-use files with no restrictions on their access. Sometimes the protective measures taken to reduce disclosure risk would significantly reduce the research potential of the data. In these cases, ICPSR provides access to restricted-use versions that protect confidentiality by imposing stringent requirements for accessing them.

On the data deposit form, depositors inform ICPSR if the data contain confidential information. If yes, depositors can use the "Additional Information" box on the form to request one or more of ICPSR's restricted-use data dissemination options described below. Contact ICPSR staff at deposit@icpsr.umich.edu with questions about any of these options.

  1. Secure Download

    For most restricted-use data, ICPSR offers users the ability to request the data via an online application through the ICPSR Data Access Request System (IDARS). Users must sign in to the application system with a MyData account or with their Facebook or Google passwords. To access ICPSR member-only data, users must be affiliated with a member institution.

    The restricted data application requires:

    • Names, titles, and institutional affiliation of investigators
    • Description of the proposed research
    • Information on data formats needed, data storage technology, and data security
    • Approval for the research project from the Institutional Review Board of the applicant’s institution
    • A signed data use agreement

    Upon completion, requests are reviewed by ICPSR staff. When approved, the encrypted data are sent to researchers via a secure link. Please note that ICPSR does not evaluate the scientific merit of the proposed research questions; we merely evaluate the security measures undertaken by the researcher and verify that all the necessary paperwork has been submitted.

  2. Virtual Data Enclave

    The virtual data enclave (VDE) provides access to restricted-use data via a virtual machine launched from the researcher's own computer but operating on a remote server. The virtual machine is isolated from the user's physical computer, restricting the user from downloading files or parts of files to their physical computer. The virtual machine is also restricted in its external access, preventing users from emailing, copying, or otherwise moving files outside of the secure environment, either accidentally or intentionally. To receive output or other files from the VDE, users must request a disclosure review from ICPSR staff.

  3. Physical Data Enclave

    Approximately 50 studies are only accessible for analysis on-site in the physical data enclave at the Perry Building in Ann Arbor, MI. The data in the physical enclave contain highly sensitive personal information collected from, for example, prison inmates, victims of violence, or serious criminal offenders.

    When using the physical enclave, several guidelines are in effect:

    • Investigators cannot bring laptops or other electronic equipment into the enclave.
    • The enclave is equipped with a Windows computer with the Microsoft Office Suite and the SPSS, SAS, and Stata statistical packages. Arrangements must be made in advance for other software.
    • The computer is not connected to the Internet, and the removable media ports are disabled.
    • An ICPSR staff member is present at all times when a researcher is using the enclave. The staff member inspects and approves all material brought into the enclave.
    • All output, notes and other material must be submitted for disclosure review before the investigator leaves the enclave.
    • ICPSR staff will conduct a disclosure review of all files that the investigator wants to use after leaving the enclave.
    • Approved analysis output will be sent to the researcher electronically.
  4. Restricted Online Analysis

    For selected restricted-use datasets, ICPSR utilizes Restricted SDA (Survey Documentation & Analysis), an online statistical package that evaluates output for disclosure risk prior to displaying it for the end user. Restricted SDA is programmed to disable access to the microdata and selected variables, evaluates dataset-specific thresholds, and logs user interactions so that usage can be monitored. More detail can be found in the documentation for SDA.

  5. Delayed Dissemination

    In some cases, ICPSR can preserve data under a delayed dissemination model, in which the depositor and ICPSR establish a release date. ICPSR preserves the data until that date and distributes them according to the dissemination plan afterwards.