Protecting the confidentiality and security of data

This is a case study for Principle T6: Data governance.

Every five years, the Northern Ireland Housing Executive (NIHE) carries out the Northern Ireland House Condition Survey (NIHCS), a survey of approximately 3,000 dwellings that collects data on the characteristics Northern Ireland’s dwelling stock and its occupants. NIHE uses the data to produce a statistical report.

NIHE has a range of procedures in place to protect the confidentiality and security of the NIHCS data. These are described in the background quality report (PDF, 0.19MB) that is published alongside the main statistical report. NIHE has also produced a confidentiality and access statement that sets out its physical, technical and organisational security arrangements and the arrangements for providing statistical data to third parties. For example:

  • All staff working on the NIHCS (including Research Unit staff and surveyors) receive training about their obligations under the Data Protection Act, sign a Declaration of Confidentiality in Official Statistics, and uphold the principles of the General Data Protection Regulation.
  • No confidential statistical data are held on laptops or any portable devices or kept on unprotected portable storage media, and all data held on laptops are anonymised so no individual can be identified by their responses.
  • Data are sent between NIHE and the contractor (BRE) using secure transmission procedures, and only relevant members of the statistical team can access the BRE website which contains NIHCS data.
  • Disclosure control techniques are implemented before the statistics are released to ensure that no individual will be identified. These include a combination of rounding, aggregation and suppression.

These measures ensure that users have confidence in the people and the organisation that produce the NIHCS statistics.