Risk identification and management for the research use of government administrative data

DOIhttps://doi.org/10.1108/RMJ-03-2019-0016
Publication Date20 Sep 2019
Pages101-123
AuthorElizabeth Shepherd,Anna Sexton,Oliver Duke-Williams,Alexandra Eveleigh
SubjectInformation & knowledge management,Information management & governance
Risk identication and
management for the research use
of government administrative data
Elizabeth Shepherd,Anna Sexton and Oliver Duke-Williams
Department of Information Studies, UCL, London, UK, and
Alexandra Eveleigh
Wellcome Library, Wellcome Collection, London, UK
Abstract
Purpose Government administrative data have enormous potential for public and individual benet
through improved educational and health services to citizens, medical research, environmental and climate
interventionsand better use of scarce energy resources. The purpose of this study (part of the Administrative
Data Research Centre in England, ADRC-E)was to examine perspectives about the sharing, linking and re-
use (secondary use) of government administrative data. This study seeks to establish an analytical
understandingof risk with regard to administrativedata.
Design/methodology/approach This qualitative study focused on the secondaryuse of government
administrativedata by academic researchers. Data collectionwas through 44 semi-structured interviews plus
one focus group,and was supported by documentary analysis and a literature review. The studydraws on the
views of expert data researchers, data providers, regulatory bodies, research funders, lobby groups,
informationpractitioners and data subjects.
Findings This study discusses the identication and management of risk in the use of government
administrativedata and presents a risk framework.
Practical implications This study will have resonance with records managers, risk managers, data
specialists,information policy and compliance managers, citizens groupsthat engage with data, as well as all
those responsiblefor the creation and management of government administrativedata.
Originality/value First, this study identies and categorizesthe risks arising from the research use of
government administrative data, based on policy, practice and experience of those involved. Second, it
identies mitigatingrisk management activities, linked to ve key stakeholder communities,and it discusses
the locus of responsibility for risk managementactions. The conclusion presents the elements of a new risk
framework to inform futureactions by the government data community and enable researchersto exploit the
power of administrativedata for public good.
Keywords Risk Management, Open data, Information governance,
Government administrative data, Sensitive data
Paper type Research paper
1. Introduction
Government administrative data have enormous potential for public and individual benet
through improved educational and health services to citizens, medical research,
environmental and climate interventions and exploitation of scarce energy resources.
Administrative data is usually collected primarilyfor administrative (not research) purposes
by government departments and other organizations for the purposes of registration,
transaction andrecord keeping, during the deliveryof a servicesuch as health care, vehicle
licensing, tax and social security systems (https://esrc.ukri.org/funding/guidance-for-
applicants/research-ethics/useful-resources/key-terms-glossary/). Administrative data are
Risk
identication
and
management
101
Received29 March 2019
Revised7 June 2019
Accepted16 June 2019
RecordsManagement Journal
Vol.30 No. 1, 2020
pp. 101-123
© Emerald Publishing Limited
0956-5698
DOI 10.1108/RMJ-03-2019-0016
The current issue and full text archive of this journal is available on Emerald Insight at:
https://www.emerald.com/insight/0956-5698.htm
usually distinguished from data collected for statistical use such as the census. Unlike
administrative records, they do not provide evidence of activities and generally lack
metadata and contextrelating to provenance. Administrative data, unlike open data,are not
routinely made open or accessible, but access can be provided only on request to named
researchers for specied research projects through research access protocols that often take
months to negotiateand are subject to signicantconstraints around re-usesuch as the use of
safe havens.Researchers seldom makeuse of freedom of information oraccess to information
protocols to access such data because they need specic datasets and partic ular levels of
granularity and an ability to re-process data, which are not made generally available. This
study draws on research undertaken by the authors as part of the Administrative Data
Research Centre in England (ADRC-E). The research examined perspectives on the sharing,
linking and re-use (secondary use) of administrative data in England, viewed through three
analytical themes: trust, consent and risk. This study presents the analysis of the
identicationand management of risk in the researchuse of government administrativedata
and presents a risk framework. Risk management (i.e. coordinated activities that allow
organizationsto control risks, Lemieux, 2010) enablesus to think about the balance between
risk and benet for the public good and for other stakeholders. Mitigating activities or
management mechanisms used to control the identied risks depend on the resources
availableto implement the options, on the riskappetite or tolerance of thecommunity and on
the cost andlikely effectiveness of themitigation. Mitigationand risk do not work in isolation
and should be hol istically viewed by keepi ng the whole information inf rastructure in balance
across theadministrative data systemand between multiplestakeholders.
This study seeks to establish a clearer picture of risk with regard to government
administrative data in England. It identies and categorizes the risks arising from the
research use of government administrative data. It identies mitigating risk management
activities, linked to ve key stakeholder communities and discusses the locus of
responsibility for risk management actions.The identication of the risks and of mitigation
strategies is derived from the viewpointsof the interviewees and associateddocumentation;
therefore, they reect their lived experience.The ve stakeholder groups identied from the
data are as follows: individual researchers; employers of researchers; wider research
community; data creators and providers and data subjects and the broader public. The
primary sections of the study, following the methodology and research context, set out the
seven identied types of risk events in the research use of administrative data, present a
stakeholder mapping of the communities in this research affected by the risks and discuss
the ndings related to managing and mitigating the risks identied. The conclusion
presents the elements of a new risk framework to inform future actions by the government
data community and enable researchers to exploit the power of administrative data for
public good.
2. Methodology and research context
2.1 Methodology
Between 2014 and 2017, researchers conducted four case studies on government
administrative data for education, transport, energy and health. The purpose of the study
was to examine stakeholder perspectives about the sharing, linking and re-use (secondary
use) of administrative data. After a scoping study, the qualitative research undertook 44
semi-structured interviews plus one focus group, and the data were supported by
documentary analysis and a literature review. The secondary use of government
administrative data by academic researchers was the core of each case study. The research
data were enriched by interviews with government bodies as data providers, regulatory
RMJ
30,1
102

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT