The 10 Fundamentals

Fundamental 10: Transparent privacy protection and security practices and policies

As state policymakers build coordinated ECE data systems, states must have transparent policies and statements that articulate how they ensure the security of the data and the privacy and confidentiality of personally identifiable information. These policies and statements should address important issues including who has access to what data, especially identifiable data; how the information is used and linked; the justification for the collection of specific data elements; and how long states retain the information. Coordinating these conversations with the state governance body (see Fundamental 9) ensures the privacy, security and quality of state ECE data systems while allowing appropriate data collection, retention, storage, access and use. Finally, states must also ensure these policies and statements are available publicly and communicated to all stakeholders so states are transparent about the data they are collecting, why and how they are protecting privacy.