Privacy and Ethics – 5 Safes Framework
HELP has strong measures in place to protect how staff work with data at HELP.
- Staff are required to complete data confidentiality agreements. In signing a confidentiality agreement, staff acknowledge that a breach may be grounds for dismissal and possible legal action.
- Not all staff have access to individual-level data; access is a privilege granted only to staff who need it, and only to the specific data required to do their work.
- HELP has mandatory privacy, confidentiality, and security training for staff.
- HELP and Population Data BC work in close partnership, and staff at Population Data BC who manage linked data complete criminal records checks.
- HELP contracts one third-party software engineer to help maintain the electronic data capture system. This software engineer has worked for HELP for over a decade and has signed HELP's data confidentiality agreement. He works only on the software and is never required to look at survey data or identifiers.
In the history of HELP and its research projects, there have been no privacy breaches.
The Tri-Council Policy Statement is foundational to HELP's research ethics and commitment to the people of British Columbia and Canada to promote ethical conduct of research. Research ethics are in place for all HELP projects and these are reviewed each year by the University of British Columbia Behavioral Research Ethics Board.
To ensure that HELP projects are culturally sensitive and relevant to Aboriginal communities, HELP works with First Nations, Métis, and Inuit communities and with the guidance of the Aboriginal Steering Committee to understand and address the needs of Aboriginal children. The Aboriginal Steering Committee at HELP ensures that its research has meaning for, and is consistent with, Aboriginal communities' objectives and intentions.
Legal Information Sharing Agreements (ISAs) are signed by UBC (HELP) and public bodies (governments, school districts, and partner research organizations) that provide personal information to HELP. Individual-level data can only be shared with governments, school districts or partner research organizations if an ISA is in place and consent has been secured from those completing HELP's questionnaires. HELP's ISAs confirm that individual-level data can only be used for research or planning and program evaluation purposes (population-based assessment activity). HELP's ISAs prohibit the use of individual student data: the data cannot be used for diagnosis or assessment of individual students. HELP's ISAs also outline responsibilities that all parties have concerning privacy and confidentiality. ISAs are legal contracts that specify the safeguarding measures HELP must take to protect personal information.
Privacy Impact Assessments (PIAs) are also completed for the EDI, MDI, TDI, and CHEQ projects. These PIAs are reviewed by the Office of the University Counsel at UBC and the BC Office of the Information and Privacy Commissioner.
For secure data management, HELP works with Population Data BC, which is a purpose-built organization with world-class technology and standards for storing and safeguarding data. Personal information and other questionnaire data are collected on servers hosted within UBC's private network. Access to HELP servers is restricted according to the recommended standard for encryption (Government of British Columbia, Cryptographic Standards for Information Protection) and is protected by firewalls so that it is only accessible from within the university's private network. No third-party server holds the data. HELP does not store IP addresses in its database. The IP address for each web request is stored in server logs, but these records are not associated with a particular user. For the MDI, students log in to their own questionnaire with their own unique software-generated password. HELP encrypts and transmits data using a secure server connection, and data are de-identified prior to any reporting.
HELP stores data at Population Data BC, a highly secure data storage facility with strictly controlled access. This secure research environment (SRE) is accessible only to named persons who work on the individual-level data on specific terminals. In network terms, it is the moated environment that is present within the physical secure research zone, unconnected to the outside world. The SRE has a central server accessible only via an encrypted Virtual Private Network (VPN) through a firewall and use of a YubiKey® token for authentication.
As part of its research programs, HELP collects survey data from parents/caregivers/guardians, students and teachers. HELP receives student personal information from MyEducationBC by agreement with School Districts. Personal information includes names, Personal Education Numbers, postal code, date of birth, and gender. The following variables: Aboriginal Status, Special Needs Designation, English Language Learning, English as a Second Dialect, and French Immersion are optional variables which, where provided, are useful for research purposes. Student names are only used for questionnaire administration and are then deleted from questionnaire responses so they are not stored. Personal Education Numbers are removed, encrypted, and stored separately from the rest of the questionnaire responses. Postal codes are collected as a means of mapping children to neighbourhoods for aggregate reporting and informing stakeholders, such as neighbourhood planning coalitions. Date of birth is used to calculate age which is used for research purposes, along with gender.
HELP research and findings depend on reliable data. For this reason, personal information is used to verify that the correct student is doing the correct questionnaire, to prevent duplicate records, to increase the power of the results, to enable reliable, population-level research at HELP, and to link data to other databases under strictly approved and controlled circumstances only (described below).
Researchers may apply to “link” the data HELP gathers to other administrative and research data. This allows researchers to study trends in childhood development, better understand the policy and program differences that influence developmental outcomes, and contribute to our understanding about how to make improvements for children in British Columbia. Data linkage is one of the most powerful ways of bringing together information to answer complex questions. Researchers who receive permission to use HELP data for research or statistical purposes are provided data that cannot be connected to any individual student. Researchers do NOT receive Identifier data (date of birth, postal codes, or Personal Education Numbers).
School districts, partner research organizations, and governments who receive permission to use HELP data are made aware that they have responsibilities concerning privacy and confidentiality of data through Information Sharing Agreements (ISAs) and Privacy Impact Assessments (PIAs). ISAs and PIAs are tools to evaluate and manage privacy impacts and to ensure compliance with privacy protection rules and responsibilities.
For EDI and CHEQ data, the British Columbia Ministries (Ministry of Education; Ministry of Children and Family Development; Ministry of Health) who fund these projects receive individual-level data, including identifier data, to link to other administrative data sets. Consent from study participants is obtained for this and a legally binding Information Sharing Agreement (ISA) is in place between the Ministries and UBC (HELP). The ISA safeguards these data by requiring that the data be used for planning and program evaluation purposes only. Data linkage is only permitted under strictly approved and controlled circumstances. This approval process, along with linkage and security, is fully outlined on Population Data BC's website.
Research and other projects seeking to use HELP's data and link it must indicate how the intended research will serve the public good. Linking HELP data to other data such as health and education records can provide insight into groups of children's development and help to answer important research and policy questions which inform the creation of policy and programs to support children and families. Data linkage expands the body of knowledge of child development and can improve the lives of children and families in British Columbia. The value of this is immeasurable and such social good lies at the heart of why HELP gathers the data. As we increase our understanding of the differences that make a difference, we are able to continually inform policy and program goals with exemplary research.
Survey data are used to create reports that are shared with schools and communities in BC and across the country, making a difference in the lives of children by informing policy and practice. HELP releases publicly available school district and community reports annually. HELP reports never list or compare schools or individual teachers. School-level reports are only available through a private portal and are not available publicly. This approach is used to avoid school comparisons or rankings.
HELP questionnaires are population-level research tools. This means that although individual students, parents/caregivers/guardians, or kindergarten teachers complete questionnaires, the results are not used to evaluate or assess individual children, nor are they used to rank teachers, neighbourhoods, schools, or school districts. For the CHEQ project only, individual reports are provided to school personnel to better understand their new group of Kindergarten students. Schools and school districts use their data to evaluate and inform school goals and initiatives that support student well-being. Community organizations use neighbourhood-level results to inform their planning and program evaluation.