The NCERDC will provide researchers with data access under the terms of the Data Use Agreement. Data provided by NCERDC will be held by the investigator, research staff, and receiving institution in strictest confidence and can only be disclosed in compliance with the terms of the signed agreement. For use of NCERDC data files, the investigator, research staff, and receiving institution must agree to all of the following conditions:
I. Eligibility requirements for investigators and receiving institutions
NCERDC data are released only for research use. Therefore, all investigators must have their primary affiliation with an institution that meets the criteria outlined below in order to be eligible to receive NCERDC data.
A. Receiving institutions must:
- Be an institution of higher education, a nonprofit research organization, or a government agency located within the United States;
- Have a demonstrated record of using sensitive data according to commonly accepted standards of research ethics; and
- Have an established Institutional Review Board/Human Subjects Review Committee or equivalent institution-level body to review proposals for research using sensitive data.
B. Graduate Students:
As part of its mission, the Data Center will provide data to students for doctoral dissertation or masters’ thesis research. These researchers must:
- Be enrolled in an advanced degree program at an eligible institution;
- Submit a proposal and complete all steps indicated in the Data Use Agreement;
- Have a faculty member sponsor that proposal by writing a letter of support, indicating that the faculty member assumes responsibility for data security as stated in the NCERDC-approved data security plan. Due to resource constraints, students may have access only to existing datasets. The Data Center will not customize data for student research.
II. Research Proposal Requirements
All researcher requests must provide to the Data Center a written description of the research project including: an abstract, goals, significance, specific research questions, analysis plan, and description of how the requested data files and measures will be used for addressing this project plan. The abstract (approx. 250 words) should include the title of the project, names of investigators, and funding source (or proposed funding source). The abstract should state the goals of the project and the Data Center’s role in meeting those goals. If the project requires labor from the Data Center beyond access to existing data files (e.g., creating customized data), these activities must be described and justified in the proposal. Most proposals are 5-10 pages long. Proposals must also include the data request form, describing the relevance of each requested data file to the research project.
III. Data Security Plan Requirements
All applications for NCERDC data access must include a Data Security Plan, outlining the measures that will be taken to ensure that no persons, other than those authorized by the signed agreement, can access the contents of the NCERDC data files. This data protection plan applies to data files supplied by the NCERDC, copies made by the research team, and any new data derived from the restricted data. “Derived data” include subsets of cases or variables, as well as numerical or other transformations of variables from the original data.
The plan also should include a discussion of the computing environment in which the data will be managed, analyzed, stored, and transmitted among research team members. The investigators must address in detail the security measures that will be implemented for protection of these restricted data. The NCERDC requires that the original de-identified data files, and all resulting temporary and derived data files, must be stored on a secure network server with protections and restrictions appropriate for sensitive data. External devices (such as laptops or hard drives) and cloud storage options (such as Box or Google Drive) do not meet the Data Center security requirements.
Specific guidelines for preparing the Data Security Plan are outlined in the Data Security Guidelines document.
IV. Institutional Review Board Requirement
The NCERDC requires that the investigator submit a copy of the document, signed by the receiving institution’s Institutional Review Board, approving the research project and acknowledging that these data require human subjects protection. Although research using NCERDC data does not involve interaction with human subjects, the level of detail of these data and the Data Center’s strict compliance with FERPA regulations require that we secure institutional commitment to safeguarding confidentiality of these data files. Therefore, a certificate of IRB exemption from review is not sufficient to meet this requirement (an expedited level of review is acceptable). The IRB also must approve the procedures for the secure use and storage of the data described in the researcher’s Data Security Plan. Documentation of annual IRB renewal also is required for continued data access.
V. Confidentiality Pledge
Researchers receiving data from the North Carolina Education Research Data Center must agree that:
The data are subject to confidentiality and privacy protections, as per the restrictions to use of such data specified by the Family Education Rights and Privacy Act (FERPA), enacted by the United States Congress and by North Carolina General Statute 115C.
They will fulfill their responsibilities to protect the confidentiality of these data in accordance with the procedures and requirements established in the approved Data Use Agreement and Data Security Plan. These conditions include the following:
- That the data will be used solely for statistical analyses and that no attempt will be made to identify specific individuals, families, households, schools, or institutions, nor will any listing of data at the individual, family, or school level be published or otherwise distributed.
- That the NCERDC data (original and derived data and analysis files) will be stored and analyzed only within the United States, in compliance with the approved data security plan.
- That NCERDC student records will not be linked with information about political affiliation, religion, voting history, or biometric information (as per North Carolina General Statutes Chapter 115C Article 29).
- That the term “free/reduced price lunch” will not be used in any publications or reports based on research using NCERDC data.
- That, if the identity of any student should be discovered inadvertently, then (1) no use will be made of this information, nor will it be shared with anyone else; (2) the identifying information will be safeguarded or destroyed.
- To avoid inadvertent disclosure of student identities by taking the following precautions in the release of statistics derived from the data set:
- In no table should a single cell contain all cases in any row or column.
- In no case should the total for row or column of a cross-tabulation be fewer than ten.
- In no case should a quantity figure be based upon fewer than ten cases.
- In no case should a quantity figure be published if one case contributes more than fifty percent of the amount.
- In no case should data on an identifiable case, or any of the kinds of data listed above, be derivable through calculation from the combination of tables released.
- Data released should never permit disclosure when used in combination with other known data.
- That only the persons identified in the data agreement as investigator or research staff will have access to the contents of the data files, including derived data files.
- To comply fully with the approved Data Security Plan.
- To supply NCERDC with a signed Data Use Agreement from each investigator and a signed Confidentiality Pledge from each research staff member identified in the Application Cover Sheet.
- To respond promptly and in writing to inquiries from the NCERDC regarding compliance with this agreement or the expected date of completion of the research.
- To destroy all electronic and paper files at a date specified in the Disclosure and Data Destruction Agreement.
- To provide manuscripts to the NCERDC for review by the North Carolina Department of Public Instruction, prior to submitting the manuscript for publication and/or prior to making the manuscript or report available for public access.
- To provide annual reports to the NCERDC, which include:
- A copy of the annual IRB approval for the project;
- Copies of reports, briefs, and summaries based on research using NCERDC data;
- Copies of final papers accepted for publication using these data, with complete citations.
In the event that I change institutional affiliation during the period covered by this contract, researchers must pledge to take the following actions:
- Inform the NCERDC prior to relocation.
- Resubmit a data security plan and obtain signed IRB approval from the new institution.
- Submit a revised cover sheet and signed agreement reflecting the new institutional affiliation.
- Provide confirmation of the date on which all data files are removed from the original site.