This page presents the ways we keep Integrated Data Infrastructure (IDI) data safe. The data we collect and link in the IDI is used for research and statistical purposes to inform decision-making by New Zealanders, businesses, and government.
The Statistics Act 1975 and the Privacy Act 1993 require us to protect the data we collect.
See Privacy, security, and confidentiality of information supplied to Statistics NZ for Statistics NZ's privacy statement.
For the public good
We all want to live in a country where the population is healthy, safe, and educated.
Integrated data is a valuable tool for identifying actions and evidence-based solutions to improve outcomes for New Zealand, particularly when underlying causes are complex and funding is constrained.
For an IDI research proposal to be accepted, the proposal must show how the intended research is for the public good. By only approving research that meets this criteria, we are able to ensure that the benefits of integrated data outweigh the risks.
See research we commissioned on Public attitudes to data integration.
The five safes
We use a ‘five safes’ framework to ensure that we provide access to data only if all of these five conditions are met.
- Safe people – researchers can be trusted to use data appropriately and follow procedures.
Researchers must pass referee checks before we allow them to work with data. We require them to sign a declaration of secrecy under the Statistics Act 1975 and follow our rules and protocols. Researchers who break our protocols can be banned, blacklisted, or prosecuted.
- Safe projects – the project has a statistical purpose and is in the public interest.
Research is restricted to the analysis of groups, not individuals, and must be in the public interest. This means that the research is focused on finding solutions to issues that are likely to have a wide public benefit. The Government Statistician signs off all research proposals.
- Safe settings – security arrangements prevent unauthorised access to the data.
Data can only be accessed through a secure Data Lab environment. Computers are not connected to a network and only Statistics NZ staff can release data to researchers.
- Safe data – the data inherently limits the risk of disclosure.
We de-identify data, which means we remove personal identifying information such as names and addresses, and encrypt (ie replace with another number) identifiers such as IRD and NHI numbers. Researchers get access only to the data relating to their research.
- Safe output – the statistical results produced do not contain any identifying results.
Researchers must confidentialise output before it can be released from the Data Lab, and Statistics NZ staff double-check results to ensure individuals cannot be identified. See Microdata output guide for the methods and rules researchers must use for confidentialising output produced from Statistics NZ's microdata.
Privacy impact assessments
Privacy impact assessments for the IDI provide a systematic evaluation of the privacy risks associated with integrating data from a number of sources into the IDI. They also summarise some of the expected benefits of the IDI.
See Privacy impact assessments for the IDI.
Updated 21 July 2016