Data Security Requirements for Accessing Restricted Data

The Foundations for Evidence-Based Policymaking Act of 2018 (44 U.S.C. 3583) mandates that the Director of the Office of Management and Budget (OMB) establish a standard application process (SAP) for requesting access to certain confidential data assets. While the adoption of the SAP is required for statistical agencies and units designated under the Confidential Information Protection and Statistical Efficiency Act of 2018 (CIPSEA), it is recognized that other agencies and organizational units within the Executive Branch may benefit from the adoption of the SAP to accept applications for access to confidential data assets. The SAP is to be a process through which agencies, the Congressional Budget Office, State, local, and Tribal governments, researchers, and other individuals, as appropriate, may apply to access confidential data assets held by a federal statistical agency or unit for the purposes of developing evidence. With the Interagency Council on Statistical Policy (ICSP) as advisors, the entities upon whom this requirement is levied are working with the SAP Project Management Office (PMO) and with OMB to implement the SAP. The SAP Portal is to be a single web-based common application designed to collect information from individuals requesting access to confidential data assets from federal statistical agencies and units. BJS makes the microdata it is required to protect as confidential available to approved researchers through a restricted access setting via its official criminal justice data archive. As a Federal Statistical Agency, BJS adheres to the SAP requirements and BJS restricted (confidential) microdata are available for discovery and application via the SAP Portal. In late 2022, the National Center for Science and Engineering Statistics (NCSES), in its role as the SAP PMO, published a 60-day Federal Register Notice (87 FR 53793) and 30-day Federal Register Notice (87 FR 66754) announcing plans to collect information through the SAP Portal. This collection request was submitted to the OMB as a Common Form in late 2022; the OMB control number for SAP Portal information collection is 3145-0271 and the expiration date is 12/31/2025.

The latest form for Data Security Requirements for Accessing Restricted Data expires 2026-06-30 and can be found here.