Rules on transfer of analysis results

Statistics Denmark defines microdata as data related to single observations, except for sex, age, industry and municipality/sector. Examples of microdata include:

• Pseudonymised key variables that refer directly to an individual person, household, family or enterprise, for example, PNR (civil registration numbers), CVR numbers, establishment numbers, address codes such as BOPIKOM and FAMILIE-ID, etc.
• Data sets or parts of data sets that hold background information such as income, education and socio-economic status, or calculated variables on an individual level, where the pseudonymised civil registration number has been removed. The same applies to data on enterprises.

The main objective of Statistics Denmark’s Data Confidentiality Policy is to ensure that microdata made available through the microdata schemes cannot be used to identify individual persons or enterprises. This is why all analysis results and other materials must be completely stripped of microdata, before these can be transferred. 

Are you in doubt about the rules? This is how you get answers 

If you have questions about the rules, or if you are in doubt whether your material for transfer contains microdata, you may not transfer until you have found guidance. You can find further guidance in Statistics Denmark’s guide materials: 

Vejledning i datasikkerhedsreglerne under Mikrodataordningerne, herunder for hjemsendelse af analyseresultater og sanktioner ved databrud (pdf) (in Danish) 

If you do not find the answer here, you should seek guidance from a more experienced user in your institution. Make sure that the person you are asking for guidance has access to the same project as you, before you show your screen to that person and receive specific guidance. 

In case of questions of a more general nature, you can also contact Research Services at FSEHjemtag@dst.dk. In your request, you must indicate your ident and, if relevant, your project number. Note: If you want to describe a data set or what you suspect could be microdata, you must never include actual data or information. Always use fictitious figures and examples.

As a main rule, analysis results, aggregate tables or figures may only be transferred, if it is not possible neither directly nor indirectly to identify or recognise individual units, such as individual persons or households. This is why Statistics Denmark requires that analysis results and other material for transfer be subjected to statistical disclosure control. Below, you will find a description of the rules on statistical disclosure control for personal data. 

Personal data – Statistics Denmark’s statistical disclosure control requirements 

The requirements for statistical disclosure control in relation to personal data determine that analysis results or other material that is requested transferred from Statistics Denmark’s researcher machines may not contain information on individual units. In practice, this means that it must not be possible to identify, recognise or obtain information on individual persons or enterprises, neither directly nor indirectly, in the transferred material.

Statistics Denmark’s requirements for statistical disclosure control applicable for personal data are:

• There must be minimum 3 observations per table cell for transfer of analysis results or other material from Statistics Denmark’s researcher machines to be allowed. The requirements may be stricter for some registers, for example minimum 5 observations per table cell. If this is the case, it will be indicated in Denmark’s Data Portal when you order data.
  
  For formats that do not include table cells, such as figures or graphs, a good rule of thumb is that they should have at least 3 observations per table cell if converted to tables. If this is not the case, further aggregation is required. Aggregation means merging of cells/figures until they comply with the statistical disclosure control requirement and ensure anonymity.
• It must not be possible by backward calculation or cross reading to deduce observations that have been aggregated or otherwise obscured or removed in a table, graph or figure. If this is possible, further aggregation is required.

Note: The above description is intended only as a guide. The final responsibility that your material has been subjected to sufficient statistical disclosure control lies with you as user. The level of aggregation depends on a specific assessment of your material, and if you are in doubt whether 3 or in some cases 5 observations are enough to ensure anonymity, you should aggregate further. 

You can find further guidance and examples in Statistics Denmark’s guide materials:

Vejledning i datasikkerhedsreglerne under Mikrodataordningerne, herunder for hjemsendelse af analyseresultater og sanktioner ved databrud (pdf) (in Danish) 

Are you in doubt? This is how you get help

If you are in doubt whether your file complies with Statistics Denmark’s requirements for statistical disclosure control, you must refrain from transfer until you have aggregated your material further or received guidance from a more experienced user in your institution. Make sure that the person you are asking for guidance has access to the same project as you, in order for you to be allowed to show your screen to that person and receive specific guidance. 

In case of questions of a more general nature, you can also contact Research Services at FSEHjemtag@dst.dk. In your request, you must indicate your ident and, if relevant, your project number. Note: If you want to describe a data set or what you suspect could be microdata, you must never include actual data or information. Always use fictitious figures and examples.

As a main rule, analysis results, aggregate tables or figures may only be transferred, when it is not possible neither directly nor indirectly to identify or recognise individual units, such as enterprises. This is why Statistics Denmark requires that analysis results and other material for transfer be subjected to statistical disclosure control. Below, we go through the main rules for business data.

Business data – Statistics Denmark’s statistical disclosure control requirements

The requirements for statistical disclosure control in relation to business data establishes that analysis results or other material that is requested transferred from Statistics Denmark’s researcher machines, may not contain information on individual units. In practice, this means that it must not be possible to identify, recognise or obtain information on enterprises or workplaces, neither directly nor indirectly, in the transferred material. 

Statistics Denmark’s requirements for statistical disclosure control applicable for business data are:

• There must be minimum 3 observations per table cell to allow transfer of the analysis results or other material from Statistics Denmark’s researcher machine. For formats that do not include table cells, such as figures or graphs, a good rule of thumb is that they should have at least 3 observations per table cell if converted to tables. If this is not the case, further aggregation is required. Aggregation means merging of cells/figures until they comply with the statistical disclosure control requirement and ensure anonymity.
• It must not be possible by backward calculation or cross reading to deduce observations that have been aggregated or otherwise obscured or removed in a table, graph or figure. If this is possible, further aggregation is required.
• In case of analysis results on operating economy variables, it must be taken into account that individual enterprises must not dominate the data set so that publication of the total exposes too much. In practice, this means that the one or two biggest statistical units (enterprises) combined must not account for more than 85 per cent of the total. You can read about the statistical disclosure control methods by the dominance rule in Statistics Denmark’s Data Confidentiality Policy, pp. 15-17. 

Note: The above description is intended only as a guide. A sufficient level of aggregation depends on a concrete assessment of your material, and you, as a user, has the final responsibility that your material ensures anonymity. 
You can find further guidance and examples in Statistics Denmark’s guide materials: 

Vejledning i datasikkerhedsreglerne under Mikrodataordningerne, herunder for hjemsendelse af analyseresultater og sanktioner ved databrud (pdf) (in Danish) 

Are you in doubt? This is how you get help

If you are in doubt whether your file complies with Statistics Denmark’s requirements for statistical disclosure control, you must refrain from transfer until you have aggregated your material further or received guidance from a more experienced user in your institution. Make sure that the person you are asking for guidance has access to the same project as you, before you show your screen to that person and receive specific guidance. 

In case of questions of a more general nature, you can also contact Research Services at FSEHjemtag@dst.dk. In your request, you must indicate your ident and, if relevant, your project number. Note: If you want to describe a data set or what you suspect could be microdata, you must never include actual data or information. Always use fictitious figures and examples.

Unless a special agreement has been entered, any transfer from Statistics Denmark’s researcher machines must happen via the transfer tool in Denmark’s Data Portal (DDV). The process takes place in three steps: First, you must upload the files that you want to transfer. Then you must check the files, and eventually, you can download them to your own computer.

When the files are uploaded, they will be scanned for possible microdata, so that you can get a warning before you transfer the material, in case is contains data that resembles microdata. In this way, you can correct any errors and avoid breaches.
Note: The scanning tool is a supplement and cannot replace manual checking. You as a user has the final responsibility that your material has been subjected to sufficient statistical disclosure control and does not contain microdata.

Step-by-step guide for transfer and downloading of files

1. Upload the files
   
   To upload the files for transfer, you must log into the Researcher machine (on the server to which your project is linked, e.g. srvfsencrr13, which is a hosted server, or FSE Windows, which is the Research Services common server) via remote.dst.dk. Then click the shortcut ‘Transfer', which is on your desktop. Now an application opens in your web browser, and you will be taken to the page where you can upload files for transfer.
   
   Here you can read about Statistics Denmark’s guidelines for transfer of analysis results.
   
   Select which files you want to transfer either by clicking ‘Add files’ or by dragging the files to the page. You can both add individual files and whole folders of files. Note that you can only select files of the allowed file type and size. Read further below under ’Transfer via transfer tool in DDV - allowed file types’ If you select a file that cannot be transferred, you will get an error message. 
   
   When you have selected the files that you want to transfer, click the button ‘Check’.
2. Check the files 
   
   You will now be taken to the page that scans and checks for possible microdata. On the page, you can once more read the guidelines for transfer of files.
   
   If you get a risk warning that a file may contain microdata, it is mandatory to add a comment with information on what the file contains. The comment is needed for Research Services’ checking of transferred files. You will be guided on the page. If you find out that you have forgotten to add a file, you can easily navigate back and forth between the upload page and the check page.
   
   Before you can transfer the files, you must approve that the selected files comply with Statistics Denmark’s Data Confidentiality Policy and the guidelines for transfer. You approve this by clicking the field next to ‘Approve transfer’. When you have done so, you can transfer the files by clicking ‘Transfer’. You will then get a message saying that your files have been sent from the researcher server.
3. Download the files to your own computer via Denmark’s Data Portal
   
   You are now ready to download the files you have just transferred. To do so, you must log into Denmark’s Data Portal (DDV) in the same way as usual.
   
   Once you have logged in, click ’My overview’. Find the relevant project under the ‘Projects’ tab, and then click the tab ‘Transfers’. Here you will find all the files that have been transferred for the project in question. The files are sorted by the date of transfer. 
   
   When you click the separate date, you can see all the files that you have transferred on that day. You can also see which comments you have made earlier for the file by clicking the speech bubble, and you can delete the file by clicking the wastebasket. 
   
   You download the files to your own computer by clicking the downward arrow.

Problems transferring? 

If you have problems transferring via the transfer tool in Denmark’s Data Portal (DDV), please write to forskningsservice@dst.dk.

Only file types approved by Statistics Denmark can be transferred. If you try to upload a file of a non-approved file type, you will get the message: “File type not allowed" in the system. Note: Changing the file extension in relation to the file content is not allowed.

Allowed file types for transfer from Statistics Denmark’s researcher machines

Problems, questions or requests? Contact Research Services

If you have problems transferring via the transfer tool in Denmark’s Data Portal (DDV), please write to forskningsservice@dst.dk.

Research Services check the transfer of analysis results under Statistics Denmark’s Microdata schemes by means of a system-supported control tool in Denmark’s Data Portal (DDV) as well as by sampling. The purpose is to ensure that microdata are not transferred and that Statistics Denmark’s statistical disclosure control requirements are observed. 

In Research Services’ control screening of transferred materials from Statistics Denmark’s researcher machines, three file types are sampled for control, including: 

1. Files that are risk marked (i.e. files with content that resembles microdata)
2. Files exceeding the maximum size of 1 MB
3. Files that cannot be scanned  

In addition, 10 per cent of the transferred files from the researcher machines are randomly sampled for checking. 

If Research Services’ identifies a breach when checking, it can lead to sanctions. Read more under Sanction rules

If you fail to comply with Statistics Denmark’s rules or you suspect that you have failed to do so, you have a duty of notification. If you comply with your duty of notification, this will be regarded as a mitigating circumstance.

Please notify both the person responsible for authorisation in your institution and Research Services. You notify Research Services by sending an email to FSEHjemtag@dst.dk with the following: 

• Your ident 
• Project number, if any
• A description of the breach or where you suspect a breach
• Date and time of the breach 

If the breach involves files, for example files you have transferred, image files on your computer, in your mailbox or similar, you must delete them immediately from your PC, Denmark’s Data Portal, mail folders etc. and inform about this in your email to Research Services.

Statistics Denmark’s data security rules under the Microdata schemes (in Danish)

Statistics Denmark’s information security and data confidentiality policy 

Information security and data confidentiality policy – Statistics Denmark

Agreements (in Danish)

Autorisationsaftale (pdf)
Databehandleraftale (pdf)
Tilknytningsaftale (pdf)
Brugeraftale (pdf)