|
Data security and confidentiality of personal information is a top priority for the Census. It is central to the design of robust systems, processes and legal arrangements with contractors.
NISRA confirms its overriding commitment to ensuring the confidentiality of personal Census data, and its use strictly for statistical purposes only.
All NISRA staff and any appointed contractors working with Census data are bound by Regulations made under the Census Act (Northern Ireland) 1969, and the Census (Confidentiality) (Northern Ireland) Order 1991. Any breach of the confidentiality provisions is a criminal offence, subject to possible imprisonment and fines. All staff working with personal Census data sign a confidentiality declaration to confirm their understanding and commitment to the legal confidentiality undertakings.
All Census data is owned by government and all of the legal undertakings of confidentiality of personal Census information will apply to both NISRA and any contractors.
Safeguarding data confidentiality and security is a top priority in defining legal arrangements with contractors. Contractual provisions ensure that confidentiality of personal data is secured, following the Office for Government Commerce's model contract terms.
Census data confidentiality and NI law
Census data confidentiality is protected by the Census Act (Northern Ireland) 1969, and the Census (Confidentiality) (Northern Ireland) Order 1991.
These confidentiality provisions prohibit the disclosure of personal information with a penalty of imprisonment, a fine, or both.
Personal information, held by or on behalf of the Registrar General, is exempt from any disclosure sought under the Freedom of Information Act.
Data Protection Act
The Data Protection Act requires that where data processing is carried out on behalf of a 'data controller', there must be a written contract that specifies the actions to be carried out by the contractor, and which prohibits any other action. The data controller is responsible for upholding the data protection principles and is therefore responsible for the actions of any data processors.
Census data security measures
Data security and confidentiality is a top priority for the Census. In addition to the strong protection provided by the law, NISRA has put in place stringent additional safeguards.
All Census employees and contractors working on the Census sign a declaration of confidentiality to guarantee their understanding and compliance with the law which makes unauthorised disclosure of personal Census data an imprisonable offence.
All those who have access to the full Census data set in the operational data centre will be NISRA or ONS staff.
All staff processing any personal Census data will be security cleared to the UK Baseline Standard. This requirement has also been extended to all employees of the supplier and their sub-contractors handling any personal Census data.
Staff with access to the full census dataset, or substantial parts of it, will have security clearance to handle material classified as 'Secret'.
Underlying security requirements for Census data are based upon UK Government Security Guidelines issued by the Cabinet Office and by Communications - Electronic Security Group.
Census data is classified as restricted under the scheme of classification of government information. For more details see the link to Cabinet Office website pdf of classifications.
This classification brings a whole set of standards and safeguards which have been put in place to ensure that the data remains secure. This includes control of physical access to any site or room where the data is kept, secure control of access to IT hardware and of course IT systems.
NISRA will control system access rights to all data systems.
All security measures cover the completed forms, the electronic data set, the website, the archive image system and the communications links relating to any of these items.
All of the electronic communications links over which personal Census information will be routed, will be encrypted (scrambled) to levels recommended by the Government Security Services.
The Census security programme is being managed to the framework of ISO27001 - the internationally recognised Information Security Management Standard.
NISRA will commission an independent review of systems and procedures covering both its own systems and those of all contractors. These reviews will include systematic checks during the operations. The independent security auditors will be accredited by the Government Security Services to carry out these reviews.
Use of Census data and data confidentiality
We have secure systems in which to hold data, with stringent controls and procedures in place. We do not store any financial details, and names and addresses are removed from the data sources used for the day to day production of statistical tables.
The information in questionnaires is used only for Census related publications and analyses published for geographic areas. These outputs do not attribute any of the statistics back to specific individuals.
Once the analyses are complete and the information is published, electronic archive copies of the forms will be securely filed away and the personal details they contain will remain permanently closed.
All handling and storage of data complies with the Data Protection Act
Concerns expressed by some groups in Great Britain about the possibility of the US Patriot Act being used to access census data, have been addressed by a number of additional contractual and operational safeguards. Arrangements have been put in place to ensure that no such access could take place.
Existing law already prevents the disclosure of Census data - it is a criminal offence to disclose personal Census data and is punishable by a fine and/or imprisonment. All Census data is owned by government and all of the legal undertakings of confidentiality of personal Census information will apply to both NISRA and any contractors. All Census employees and contractors working on the Census sign a declaration of confidentiality to guarantee their understanding and compliance with the law. All those who have access to the full Census data set in the operational data centre will be NISRA or ONS staff. Contractual arrangements ensure that only sub-contractors registered and based in the UK and either UK or EU owned would have access to any personal Census data. Finally, Staff with access to the full census dataset, or substantial parts of it, will have security clearance to handle material classified as 'Secret' under the UK Government's classifications.
The prime contractor is Lockheed Martin UK Ltd. Additional specialist services will be provided by Cable & Wireless, Logica CMG, UK Data Capture, Broadcasting Support Services (bss), Steria, Polestar, Oracle and Royal Mail. Lockheed Martin UK will design the processing systems for NISRA using its expertise and past experience. The day to day running of operational services will be provided by the consortium of specialist service providers. All of these specialist subcontractors are registered and wholly or majority owned in the UK or elsewhere in the EU. This contractual structure means that no US companies will have any access to any personal Census data. No Lockheed Martin staff (from either the US parent or UK company) will have access to any personal Census data and all data will be processed in the UK and remain in the UK.
|
