Privacy and security for the Data Innovation Program
Last updated on June 24, 2024The Data Innovation Program uses best practices for managing safe access to confidential or sensitive data. Find out how project data is being kept safe and secure.
On this page
- Privacy and security for the Data Innovation Program
- Legislation
- Privacy Impact Assessment
- Privacy and security framework
- Contact us
Privacy and security for the Data Innovation Program
The Data Innovation Program meets B.C.’s strict privacy laws and embodies world-leading best practices for data privacy and security. The program was developed in partnership with privacy experts and reviewed by BC's Office of the Information and Privacy Commissioner.
Legislation
The Data Innovation program's approach to privacy and security is guided by the following legislation:
Privacy Impact Assessment
A privacy impact assessment (PIA) is a step-by-step review process to make sure that personal information collected or used is protected. The Data Innovation Program has completed an overarching Privacy Impact Assessment.
Privacy and security framework
The program has a Privacy and Security Framework (PDF, 1.8MB) based on the internationally recognized Five Safes model​ that outlines how to protect data and reduce the risk of inappropriate use of sensitive data. This model covers the following five key areas:
1. Safe people
Only authorized individuals can access the data
Only authorized people can access the data. Authorized people are government analysts and government-contracted researchers who:
- Completed an oath of secrecy under the Statistics Act
- Completed privacy training and must pass an exam
- Signs user agreements stipulating terms and conditions of their data access and use
2. Safe projects
Data projects must be in the public interest
Only approved projects can access the data. B.C. will ensure data projects have a public benefit and pose no harm to people or communities. Access will be granted only for projects that meet the following criteria:
- Have a clear public benefit to people
- Have a valid statistical purpose
- Demonstrate sound study design and methodology
3. Safe data
De-identified Data
Within the Data Innovation Program, only de-identified data is available. De-identified data is a powerful resource for research projects. It can lead to analytical insights while maintaining individual privacy and confidentiality.
This means: : personal identifiers such as names, driver licence numbers and personal health numbers are removed. All data is protected and subject to the Freedom of Information and Protection of Privacy Act. Analysts never see data that identifies people or data that can be used to target people
4. Safe setting
Using the right technology to integrate data safely
Data can only be accessed in a secure setting under government’s care and control. The Data Innovation Program uses a secure research environment located in B.C. that:
- Has physical, policy and technological controls to safeguard information
- Has regular third-party privacy and security audits
- Is managed in partnership by Population Data BC, an academic organization with a 20-year track record of secure data handling, linkage and storage
5. Safe outputs
Additional protection of privacy in research outputs
The Data Innovation Program takes measures to ensure a project’s research results are anonymous. This is an extra layer of protection in the unlikely event that integrating data sets somehow creates a composite of an identifiable person. The program sets clear obligations under the terms and conditions for access and ensures results are anonymous.
Contact us
Submit feedback, request for more information, or get help through the Data Systems and Services request system.
Find a detailed listing of all the data files and accompanying metadata records available in the Data Innovation Program.
Go to the Data Catalogue (page may take time to load)
This is a helpful tool to explore the metadata for all datasets available through the Data Innovation Program.
Questions for DIP team?