SEER-Medicare Policy on Encryption & Data Security: Portable Devices & Removable Media

The SEER-Medicare data must be protected. All SEER-Medicare investigators sign a data use agreement before obtaining the data. Any investigator who has obtained the SEER-Medicare data (including all persons with access to the data) must take all reasonable measures to ensure the safety and confidentiality of the data that are downloaded to any portable device or removable media.

Reasonable data protection measures include:

  • Storing large files only on network drives and password-protecting all SEER-Medicare data.
  • Establishing and maintaining appropriate administrative, technical, and physical safeguards to protect the confidentiality of the data and to prevent unauthorized use or access to it, as described in your proposal.
  • Not placing the SEER-Medicare data on personal computers, portable devices, or removable media unless these media are encrypted AND password-protected.
    • Encryption is a method used to protect the confidentiality, integrity, and authenticity of the data. SEER-Medicare data stored on portable devices or removable media must be encrypted using one of the following approved encryption standards: Data Encryption Standard (DES) that uses a 64-bit input-output block size; Advanced Encryption Algorithm (AES) that uses a 128, 192, or 256-bit key size; or International Data Encryption Algorithm (IDEA) that uses a 128-bit key size. If any portable device or removable media containing SEER-Medicare data are lost or stolen, the investigator must report the loss to the SEER-Medicare contact within 24 hours/first business day of discovering the loss.
    • A portable device includes any non-fixed equipment that contains an operating system which may be used to create, access, or store SEER-Medicare data. This includes but is not limited to laptops, personal digital assistants (PDAs), and smart phones. Removable media includes, but is not limited to: CDs, DVDs, MP3 players, removable memory, and USB drives (thumb drives).
  • Institutionally provided VPNs are acceptable to link to a time-sharing system for data access. The home-based PC may support the VPN. Any SEER-Medicare data taken off the time sharing system and placed on a home-based computer must be password-protected and encrypted as described on the DUA. In situations where the SEER-Medicare data are accessed by VPN, the PI should be the person doing the data analysis and this person should sign the researcher DUA. The person loading the data on the server also needs to sign an agreement related to protecting the data, called a custodian agreement.
  • Storing all media on which the SEER-Medicare data are delivered in a secure location, such as a locked file cabinet in a locked office, only accessible by you or appropriate designated staff.
  • Maintaining all datasets containing restricted variables physically separate from any other SEER-Medicare files. Separate access controls with strong user authentication (username/password, digital certifications, etc.) must be established to allow limited access to these files. You should be able to track all access to these files.

For a complete description of data use and storage requirements, please refer to the SEER-Medicare data use agreement signed by each user.