Data Use Guidelines

During 2008–09, the Data Access and Use Subcommittee of the Ad Hoc Assessment Planning Committee was instituted by Provost Connie Hungerford, with the goal of drafting a policy document that would address data access and use issues. The members of the group, a subcommittee of the Assessment Committee, included Garikai Campbell (Dean’s Office), Ellen Magenheim (Economics), Robin Shores (Institutional Research), Steve Wang (Mathematics and Statistics, committee chair), Martin Warner (Registrar’s Office), and Richard Wicentowski (Computer Science). The committee also included a representative from the Admissions Office, initially Jim Bock, but which was then filled by Ryan Keaton and Sebastian Indacochea.

See the full committee report on: Data Access and Use [pdf]

Summary of Guidelines

General principles

Faculty and staff granted access to institutional data may access data only to conduct College business. In this regard, employees must:

  • Respect the confidentiality and privacy of individuals whose records they access
  • Observe ethical restrictions that apply to the use of the data to which they have access
  • Abide by applicable laws or policies with respect to access, use, or disclosure of information

Employees may not:

  • Disclose data to others, except as required by their job responsibilities
  • Use data for their own personal benefit, nor for the gain or profit of others
  • Access data to satisfy their personal curiosity

Additional questions and principles that should be considered in decisions on data use and access:

a. Is there an appropriate action or policy decision that could result from analyzing the data requested?

Principle: There should be a plausible action or policy decision that could result from the analysis, even if that action is not actually taken. Data analyses should not be carried out solely to satisfy one’s own curiosity or personal benefit.
Example: A Swarthmore alum is running for political office. A professor is curious about how the alum did as a student here and wonders if it is permissible to look up his grades online. Decision: Access to these data should not be granted for this purpose. Reason: This is private information, and no appropriate action or policy decision could result from such access.
Example: A department wants to see if incoming female first-year students who express an interest in majoring in the department are more likely to switch to another major than are male students. The department requests a list of intended majors from the admissions office for the purpose of cross-referencing it against the department’s own list of majors. Decision: Access to these data can be granted for this purpose. Reason: Even if no action is taken, it is conceivable that the department might want to change its advising procedures, increase recruiting, etc.

b. Will any findings be used for an inappropriately exclusive purpose?

Principle: One should not access and analyze data in order to exclude students from some opportunity based on their membership in a group.
Example: A professor wants to see if non-majors from a certain department do poorly in her course. If so, she will no longer allow students from that department to take her course. She asks the Registrar for data on majors and grades in previous offerings of the course. Decision: Access to these data should not be granted for this purpose. Reason: Students who meet the stated prerequisites for a course should not be barred from participation based on their membership in some group (e.g., ethnicity, gender, sexual orientation, participation in athletics, etc.). However, there are purposes for which access to these data may be allowed (e.g., to better identify the appropriate prerequisites for a course).

c. Can the work be done without using individual identifiers?

Principle: When possible, analyses should be done without personally identifying information. Even without names or ID numbers, however, at a small college the combination of race, sex, and major may be enough to identify some students, and so data with this level of detail are considered the same as data with identifiers under the Family Educational Rights and Privacy Act (FERPA).

d. Does the work improve the educational experience, or otherwise contribute to the educational mission? Can the results be shared so that others can benefit from the findings, or learn from the methodology?

Principle: Reasons for requesting data and proposed analyses should be consistent with the college’s educational mission. The results of such requests should contribute to the quality of teaching and learning at the college.
Example: A faculty member wants to hire a Swarthmore student to be a math tutor for his child, who is currently in middle school. He has a few students in mind, and he wants to use Faculty Services to review their Swarthmore math grades before he contacts them. Decision: Access to these data should not be granted for this purpose. Reason: This is private information. A faculty member who wants this information should ask the potential tutors to provide it. Since this is for the benefit of a faculty member’s child, who is not a Swarthmore student, access to this information cannot be justified on the grounds of contributing to the educational mission of the college.

e. Should the analysis be done by the faculty/staff member, or would the analysis be more appropriately done by the Director of Institutional Research (IR) or the Registrar’s Office?

Principle: There are situations in which it may be appropriate for IR or the Registrar to perform the analysis without disclosing the raw data, especially when dealing with sensitive student information. Normally, this decision should be made when the request for data is made. This protects sensitive data and may avoid creating a situation in which a faculty member could become biased about a student or group of students.

f. How will the analysis and data be disseminated?

Principle: Greater caution may be needed to protect anonymity if the results are to be published (e.g., in a book or journal article). This is especially important now that some journals are requiring that authors deposit datasets in a journal archive as a condition of publication. At a small college, the combination of variables such as race, gender, major, etc., may be enough to uniquely identify individuals.

g. How will the data be secured?

Principles: Confidential data should be stored securely (e.g., password-protected) during the study. Datasets should not be left unsecured, as this increases the chances that confidential information could be lost or otherwise compromised.

h. What will happen to the data after the analysis has been completed?

Principles: Confidential data should be destroyed at the conclusion of the study. Datasets should not be re-used for other purposes after the initial analysis has been completed unless a separate request has been sought for additional analysis.