Principle 5: Statistical confidentiality
The privacy of data providers (households, enterprises, administrations and other respondents), the confidentiality of the information they provide and its use only for statistical purposes are absolutely guaranteed.
Staff sign legal confidentiality commitments on appointment. More
The staff regulations for all statutory staff include a commitment to confidentiality. In addition, special authorisation procedures apply for contractual workers who are required to work with confidential data.
Penalties are prescribed for any wilful breaches of statistical confidentiality.More
Internal disciplinary procedures apply to cases of wilful breach of statistical confidentiality, which may lead to suspension or dismissal from office.
Luxembourgish law also includes provision for financial penalties and imprisonment arising from a breach of confidentiality.
Guidelines and instructions are provided to staff on the protection of statistical confidentiality in the production and dissemination processes. The confidentiality policy is made known to the public.More
Eurostat has produced a comprehensive internal manual on the protection of confidential data. The European Statistical System Working Group on Statistical Confidentiality is ensuring coordination of the policy at EU level and its implementation. A glossary and a handbook
on statistical disclosure control explaining methods and providing guidance for their implementation are publicly available.
Physical, technological and organisational provisions are in place to protect the security and integrity of statistical databases.More
In addition to technical measures to restrict access to secure data, specified data 'custodians' are responsible for access to particular secure data sets and no access is given for longer than one year without renewal. There is also a system in place to prevent access to secure databases when staff are reassigned to different functions.
Strict protocols apply to external users accessing statistical microdata for research purposes.More
External users are individually approved and sign agreements governing their access to microdata. For the most sensitive data, access is allowed only via a computer terminal in a secure environment. The microdata cannot be removed from this environment.