Data Approval Process

Questions to consider before you submit your request:

    Does my project require data linked from multiple agencies (cross-sector data)?

    ERDC receives and links data from multiple sources, including early childhood education, K-12, WA public 4-year and 2 year postsecondary and employment sectors (cross-sector). ERDC can’t fulfill requests for data from a single sector- only multiple. To request data from a single sector, contact the data provider. Not sure if your request is for in-sector or cross-sector data? Contact the ERDC.

    Is my request for (a) individual-level data or unredacted aggregate data or (b) redacted aggregate data?

    Requests for individual-level data (including de-identified or identifiable data) or unredacted aggregate data require an extensive review involving FERPA compliance, WSIRB review, and data use agreements.  Requests for redacted aggregate data have fewer requirements. ERDC prefers sharing redacted aggregate data to minimize disclosures and risk.

    Is my request compliant with the Family Educational Rights and Privacy Act? 

    FERPA safeguards the confidentiality of individual student information. That's why ERDC will consider the following when they review your request:

    • Does your request fall under a FERPA exception? The most common exceptions for ERDC cross-sector data are 1) the audit and evaluation exception or 2) the studies exception. 
    • Does your request relate to an education program? FERPA defines an education program as "any program that is principally engaged in the provision of education, including, but not limited to, early childhood education, elementary and secondary education, postsecondary education, special education, job training, career and technical education, adult education, and any program that is administered by an educational agency or institution."

    Learn more about FERPA exceptions or explore the Integrated Data System guidance.

    Does the Washington State IRB need to review my project?

    Depending on your research questions and design, your study may need to undergo a Washington State Institutional Review Board review.  Upon request, the ERDC can consult with you about what type of review your request might require. Requests typically fall into three categories: a full IRB review, an expedited review, or exempt review.

    Can my agency sign a data-use agreement?

    If there is not a data-use agreement in place, ERDC will create a data-use agreement with the data requester. Key components of this agreement include data privacy, constraints on how you can use the data, data security, and data destruction.

    Learn more about data-use agreement guidelines by reading the Guidance for Reasonable Methods and Written Agreements.

    Key Terms

    Aggregate data: redacted vs. unredacted

    Redacted aggregate data does not reveal any student's personal information, either directly or in combination with other available information. This is typically summary data that does not allow someone to learn information about a specific student. This data can be shared without a data-use agreement, as it doesn't violate FERPA standards.

    Unredacted aggregate data may allow individuals to be identified. Such data is protected by FERPA and other privacy laws. To prevent sharing personal information, the ERDC either excludes numbers from summary tables (suppression of information where the total number of students is less than 10) or requires a data-use agreement under FERPA. 

    Cross-sector data Data that is linked across more than one education/workforce data provider. ERDC receives data from the early learning, K-12, postsecondary, and workforce sectors and then links this data across sectors for analysis purposes.
    Data-use agreement A contractual agreement with the ERDC and the requester. This designates the requester as an authorized user of the data.

    Data Request Panel

    Representatives from each data-contributing agency will review the data request and either allow or deny ERDC to share the data with the requester.
    FERPA compliance

    FERPA refers to the Family Educational Rights and Privacy Act. This act outlines the conditions when ERDC can share education data without individual/student consent.  The most common exceptions for ERDC cross-sector data are 1) the audit and evaluation exception or 2) the studies exception. 

    Identifiable vs. De-identifiable data 

    Identifiable data includes any information that can be used to distinguish an individual. Even without direct identifiers (such as a name) a record-level dataset is not necessarily a de-identified dataset. Identifiable data is protected by FERPA and other privacy laws. 

    De-identifiable data means that direct and indirect identifiers have been removed, and there is no reasonable basis to believe that the remaining information can be used to identify an individual. These de-identified data may be in the form of aggregate results or individual-level data. This data can be shared without a data-use agreement, as it doesn't violate FERPA standards. 

    Personally Identifiable Information (PII)

    Any information, such as a name or identification number, that can be used to distinguish a person’s identity. This may be through direct identifiers, such as name or ID number,  or through indirect identifiers, such as a student’s date of birth, or other information which can be used to distinguish or trace an individual’s identity through linkages with other information.

    WSIRB review The Washington State Institutional Review Board is tasked with reviewing all human subjects research to ensure that ethical, privacy, and other considerations are properly evaluated. 
      For more comprehensive definitions, we recommend you check out these key terms from the Privacy Technical Assistance Center

    Back to Top