°Ç¸ç³Ô¹Ï

1. IntroductionÌý

This policy sets out the Department for Science, Innovation and Technology’s (DSIT) approach toÌýprotecting confidentiality when producing statistics.ÌýIt ensures that all statistics producers manage data and statistics safely and securely and are open about how data will be used and protected, so that the public can be confident about providing their own information for official statistics.ÌýThese arrangements are designed to ensure that DSIT statisticsÌýare in compliance withÌýtheÌý:Ìý

• PracticeÌý4.5:ÌýProtect the confidentiality of individual and business information when producing statistics. Be transparent about the choices made in line with the producer’s published confidentiality policy and applyÌýappropriate disclosureÌýcontrol methods before releaseÌý

2. ConfidentialityÌý

To ensure confidentiality, we:Ìý

• require all DSIT staff to complete mandatory UKÌýGeneral Data Protection RegulationÌý(UK GDPR)Ìý³Ù°ù²¹¾±²Ô¾±²Ô²µÌý

• keep confidential information secure and restrict access to trained staff who understand their responsibilities under data protection lawsÌý

• clearly explain our confidentiality protections to survey participantsÌýincluding through publicly available privacy noticesÌý

• balance privacy protectionsÌýmade to data subjectsÌýwith the need to produce useful statisticsÌý

• share confidential statistical data with other organisations for statistical purposes only; these organisations must sign a data sharing agreement outlining the intended use and protection measures and weÌýmaintainÌýdetailed records of all data transfersÌý

• apply disclosure control to numbers wherever it is needed to prevent identification of individuals, or the release ofÌýprivate informationÌý

3. DataÌýstandardsÌý

Each statistical datasetÌýmaintainedÌýby DSIT from which official statistics outputs are producedÌýto ensure dataÌýisÌýheldÌýin lineÌýwith theÌýData Governance Operating Model.ÌýEachÌýcriticalÌýdatasetÌýwill have a specifiedÌý‘Data Owner’.ÌýThey areÌýaccountable for the overall management of a specific dataset or a group of datasets within DSIT. Data Owners work with Data StewardsÌýandÌýthe DataÌýAcquisition teamÌýto ensure the management of each dataset is compliant and value-adding. A ‘Data Steward’ is someone who oversees the day-to-day operations when managing a dataset. They are the Subject Matter Expert (SME) of the dataset and should be the first port of call for most activities relating to the dataset.ÌýThe ‘Data User’ is an individual who utilises data for analysis, reporting, decision-making, or other business activities. They are expected to follow established governance policies and practices.Ìý

DSIT adheres to the requirements ofÌý±«°­Ìý³Ò¶Ù±Ê¸éÌýin the processing of personal data. AllÌýneeded risk assessments,Ìýdata sharing agreements, service level agreements, andÌýprocurements follow standardÌýdepartmental procedures to ensure compliance withÌý±«°­Ìý³Ò¶Ù±Ê¸é.ÌýPersonal data isÌýretainedÌýfor theÌýminimumÌýperiodÌýrequired, according to data protection principles,Ìýand disposed of in a secure and responsible manner.ÌýÌý

All staff working in DSIT and all visitors to its sites require a pass to access the premises. This pass must beÌýworn at all times. There is no public access to any part of the organisation where confidential statistical data may be held. Information is classified according to standardÌýgovernment security classificationsÌýand managed according to its sensitivity, value,Ìýand criticality. Staff regularlyÌýmonitorÌýand review information security arrangements to ensure that policy,ÌýstandardsÌýand proceduresÌýremainÌýrelevant and effective.ÌýÌýÌý

Mechanisms used toÌýtransmitÌýmicro-data will beÌýappropriate toÌýthe sensitivity of the data and its classifications and will beÌýencryptedÌýas necessary. Where micro-data is owned by a department or organisation other than DSIT, arrangements for access areÌýin accordance withÌýthe service level agreements,ÌýcontractsÌýor other confidentiality agreements between DSIT and the data owners. Access to micro-data collected and owned by DSIT isÌýdeterminedÌýby the guarantees given to the data suppliers or contributors and isÌýin accordance withÌýstatistical legislation covering the collection of these data or with theÌýappropriate principlesÌýfor the collection and use of administrative data.Ìý

4. DataÌýstorageÌý

Sensitive data usedÌýfor the production ofÌýofficial statistics are stored within DSIT’s secure analytical platforms, including the Cloud‑Based Analytical System (CBAS) and its successor, the Cloud Analytical Tooling Solution (CATS). These platforms are designed to holdÌýdata up to OFFICIAL – SENSITIVEÌýandÌýoperateÌýas closed analytical environments with restricted, role‑based access.ÌýÌý

Personal and sensitive datasets are subject to named‑user access controls,Ìýin line with data sharing agreements. In CATS,ÌýmetadataÌýon personal datasetsÌýisÌýcollectedÌýon ingestÌýandÌýthis metadata (but not the data itself)Ìýmade clearly available to potential usersÌýin a data catalogue. This includesÌýusage restrictionsÌýandÌýwhetherÌýthe personal dataÌýcontainsÌýspecial categoryÌýinformation, ensuring users have a clear understanding of what they can and cannot use this data for before they request access.ÌýÌý

Access will be granted by assignedÌýDataÌýStewards, and only in line with controls in data sharing agreements.ÌýAll personal data stored on CATS will have a corresponding Data Protection Impact Assessment (DPIA).ÌýThe DataÌýAcquisitionÌýteam will support analysts to draft this forÌýapproval byÌýthe Data Protection team.ÌýÌýÌý

The DataÌýAcquisitionÌýteam willÌýmonitorÌýdata sharing agreements and ensure datasets areÌýdeletedÌýfrom all DSIT analytical environments at the end of the agreed usage period.Ìý

5. DisclosureÌýcontrolÌý

This policy sets out statistical disclosure standards that provideÌýminimumÌýrequirements to ensure confidentiality of individuals and individual entities within data held by DSIT. It covers disclosure control ofÌýofficial statistics, and other published statistics and data.ÌýÌý

Sufficient checks will be carried out to ensure that figures are not released which could be disclosive. These checks follow the guidance provided by the Analysis Function website, coveringÌýÌýÌýandÌý. These provide frameworks for assessing potentially disclosive information and methodologies for suppression to uphold confidentiality in line with the Code of Practice for Statistics.ÌýThese assessments allow official statistics to balance the usability of data while protecting disclosure.Ìý

UK GDPR applies when sharing personal data.ÌýData sharing agreements may have specific disclosure restrictions, and individuals with access to such data will be aware of any restrictions specified as part of the access agreements for the datasets involved.ÌýÌý

6. SurveyÌýdataÌý

Access to DSIT survey microdata is provided through managed access routes such as the UK Data Service. Levels of access reflect the sensitivity of the data and range from anonymised datasets to more restricted access arrangements, in line with respondent assurances and statistical legislation.ÌýThis ensures:Ìý

• personal data collected through the surveyÌýareÌýonlyÌýusedÌýto administer the survey and to produce aggregate statisticsÌý

• published outputs are fully anonymisedÌýstatistics, ensuring individuals cannot beÌýidentifiedÌýin releasesÌý

• any sharing beyond contractors (e.g. with other government departments or the Office for National Statistics (ONS)) is limited to pseudonymised data for research and statistical purposes only, excluding direct identifiers such as names, full addresses, phoneÌýnumbersÌýor email addressesÌý

7. Non-disclosive informationÌý

Business site locations, addresses, or identifiers that are:ÌýÌý

• already publicly available (e.g. Companies House, published registers)Ìý

• used only as contextual or frame informationÌý

Publicly available administrative or register‑based information when published in non‑disclosive form.