42 USC 19085: National secure data service
Result 1 of 1
   
 
42 USC 19085: National secure data service Text contains those laws in effect on December 24, 2024
From Title 42-THE PUBLIC HEALTH AND WELFARECHAPTER 163-RESEARCH AND DEVELOPMENT, COMPETITION, AND INNOVATIONSUBCHAPTER III-NATIONAL SCIENCE FOUNDATION FOR THE FUTUREPart F-Research Infrastructure

§19085. National secure data service

(a) In general

The Director, in consultation with the Director of the Office of Management and Budget and the interagency committee established under section 9413 of title 15, shall establish a demonstration project to develop, refine, and test models to inform the full implementation of the Commission on Evidence-Based Policymaking recommendation for a governmentwide data linkage and access infrastructure for statistical activities conducted for statistical purposes, as defined in chapter 35 of title 44.

(b) Establishment

Not later than one year after August 9, 2022, the Director shall establish a National Secure Data Service demonstration project. The National Secure Data Service demonstration project shall be-

(1) aligned with the principles, best practices, and priority actions recommended by the Advisory Committee on Data for Evidence Building, to the extent feasible; and

(2) operated directly by or via a contract that is managed by the National Center for Science and Engineering Statistics.

(c) Data

In carrying out this section, the Director shall engage with Federal and State agencies to collect, acquire, analyze, report, and disseminate statistical data in the United States and other nations to support governmentwide evidence-building activities consistent with the Foundations for Evidence-Based Policymaking Act of 2018.

(d) Voluntary participation

Participation in the National Secure Data Service demonstration project by Federal and State agencies shall be voluntary.

(e) Privacy and confidentiality protections

If the Director issues a management contract under subsection (b), the recipient shall be designated as an "agent" under subchapter III of chapter 35 of title 44 with all requirements and obligations for protecting confidential information delineated in the Confidential Information Protection and Statistical Efficiency Act of 2018 and the Privacy Act of 1974.

(f) Technology and privacy standards

In carrying out this subsection, the Director shall-

(1) consider application and use only of systems and technologies that incorporate protection measures to reasonably ensure confidential data and statistical products are protected in accordance with obligations under subchapter III of chapter 35 of title 44, including systems and technologies that ensure-

(A) raw data and other sensitive inputs are not accessible to recipients of statistical outputs from the National Secure Data Service demonstration project;

(B) no individual entity's data or information is revealed by the National Secure Data Service demonstration project platform to any other party in an identifiable form;

(C) no information about the data assets used in the National Secure Data Service demonstration project is revealed to any other party, except as incorporated into the final statistical output;

(D) the National Secure Data Service demonstration project permits only authorized analysts to perform statistical queries necessary to answer approved project questions, and prohibits any other queries; and

(E) the National Secure Data Service demonstration project conducts privacy risk assessments to minimize the privacy risks to individual entities whose data has been made available by a reporting entity, including those privacy risks that could result from data breaches of any system operated by the reporting entity, as well as for determining approved project questions under subparagraph (D) to minimize the privacy risks to individuals affected by uses of the statistical output; and


(2) the National Secure Data Service demonstration project shall implement reasonable measures commensurate with the risks to individuals' privacy to achieve the outcomes under subparagraphs (A) through (E) of paragraph (1), which may include the appropriate application of privacy-enhancing technologies and appropriate measures to minimize or prevent reidentification risks consistent with any applicable guidance or regulations issued under subchapter III of chapter 35 of title 44.

(g) Transparency

The National Secure Data Service established under subsection (b) shall maintain a public website with up-to-date information on supported projects.

(h) Report

Not later than 2 years after August 9, 2022, the National Secure Data Service demonstration project established under subsection (b) shall submit a report to Congress that includes-

(1) a description of policies for protecting data, consistent with applicable Federal law;

(2) a comprehensive description of all completed or active data linkage activities and projects;

(3) an assessment of the effectiveness of the demonstration project for mitigating risks and removing barriers to a sustained implementation of the National Secure Data Service as recommended by the Commission on Evidence-Based Policymaking; and

(4) if deemed effective by the Director, a plan for scaling up the demonstration project to facilitate data access for evidence building while ensuring transparency and privacy.

(i) Authorization of appropriations

There are authorized to be appropriated to the Director to carry out this subsection $9,000,000 for each of fiscal years 2023 through 2027.

( Pub. L. 117–167, div. B, title III, §10375, Aug. 9, 2022, 136 Stat. 1574 .)


Editorial Notes

References in Text

The Foundations for Evidence-Based Policymaking Act of 2018, referred to in subsec. (c), is Pub. L. 115–435, Jan. 14, 2019, 132 Stat. 5529 . For complete classification of this Act to the Code, see Short Title of 2019 Amendment note set out under section 101 of Title 5, Government Organization and Employees, and Tables.

The Confidential Information Protection and Statistical Efficiency Act of 2018, referred to in subsec. (e), is title III of Pub. L. 115–435, Jan. 14, 2019, 132 Stat. 5544 . For complete classification of this Act to the Code, see Short Title of 2019 Amendment note set out under section 101 of Title 44, Public Printing and Documents, and Tables.

The Privacy Act of 1974, referred to in subsec. (e), is Pub. L. 93–579, Dec. 31, 1974, 88 Stat. 1896 , which enacted section 552a of Title 5, Government Organization and Employees, and provisions set out as notes under section 552a of Title 5. For complete classification of this Act to the Code, see Short Title of 1974 Amendment note set out under section 552a of Title 5 and Tables.