Data Security Requirements for Accessing Confidential Data
AI-generated summary for informational purposes only. Not legal advice. See the original source for the authoritative text.
The law establishes data security requirements that must be met when accessing confidential data for statistical purposes within the Bureau of Justice Statistics. It outlines the necessary agreements, privacy certifications, and security plans that applicants must submit to ensure the protection of collected data. This process aims to facilitate the use of confidential data assets while maintaining strict adherence to privacy and confidentiality standards.
AI-generated summary. May contain errors. Refer to official sources for legal decisions.
Key Changes
- Establishment of a Standard Application Process
- Mandatory privacy certifications
- Implementation of data security plans
Obligations
What this law requires
Submit a Restricted Data Use Agreement signed by the applicant and authorized representatives to BJS/NACJD before accessing confidential data assets
Submit a Privacy Certificate in compliance with 28 CFR part 22 documenting technical, administrative, and physical controls to protect data confidentiality
Submit a data security plan describing how data will be protected from misuse and unauthorized access
Certify compliance with BJS confidentiality requirements and all applicable federal laws and regulations governing use of confidential data
Use approved confidential data exclusively for statistical purposes and evidence-building as authorized in the Restricted Data Use Agreement