- Who will have access to the Data?
Researchers may access the Data by submitting a detailed Data Access Request which is approved by the data provider. They then sign a Research Agreement with the Data Provider.
Named programmers have access to Identifier Data to perform linkages on intake only. Content Data are stored on a separate server, and are accessed by named programmers to perform Research Extracts as defined through a Research Agreement. Staff in the Data Access Unit work with the Researcher to define study populations and therefore will have access to Content Data. Data Access Unit staff have no access to Identifier Data.
- What is the benefit to a data provider of having Population Data BC hold data that is under its stewardship?
We can benefit a data provider who needs:
- A streamlined and effective way to manage data requests from the research community
- Safe and secure data storage with content and identifier separation
- A trusted third party for data linkage
- A Secure Research Environment for researchers to maximize data security during data analysis
- Project closure and archival storage of data
- How can a data provider monitor Population Data BC's use of the Data to ensure it is being used as contractually agreed upon?
All usage of the Data will be regulated by a Data Sharing Agreement with the data provider outlining how the provider can monitor the use of the Data on an individual basis.
- How can a data provider monitor Population Data BC’s security?
A section on security requirements and compliance monitoring is a standard part of our Data Sharing Agreements, and includes logging, reports and auditing.
- Does a data provider, at any time, relinquish stewardship of the data by storing it at Population Data BC?
No, as a data provider you maintain stewardship of the data and approve all Data Access Requests from researchers on a case-by-case basis. Population Data BC has no authority whatsoever in terms of authorizing access to the Data.
- What is the risk of exposure?
Risk of exposure is significantly lower than that of most data providers as we separate Identifier Data from Content Data and all our identifiable information resides, encrypted and off line.
- Who is the legal body responsible for Population Data BC?
Population Data BC is under the legal umbrella of the University of British Columbia (“UBC”), which is a public body under FIPPA. The Office of the University Counsel is charged with administering matters relating to UBC’s compliance with FIPPA. The head of the public body at UBC with respect to FIPPA is University Counsel, Hubert Lai. Population Data BC operates under the aegis of UBC as the public body.
- What is the risk of someone gaining unauthorized access to Data?
Population Data BC has a myriad of technical and physical controls in place to maintain the security of the Data. Details of these security features are available upon request, but include building alarms, fortification and video surveillance as well as network moating, two-factor authentication and encryption. Population Data BC provides cradle to grave security meeting or exceeding Cobitt, ISO and BC Government Core Standards.
- Does Population Data BC carry out research on the Data?
No, Population Data BC does not have its own researchers or its own research agenda.