Data Suppression Rules

Data Redaction Rules

  • Public education reports offer the challenge of meeting transparency requirements while also meeting legal requirements to protect each individual's personally identifiable information (PII). Recognizing this, the reporting requirements state that disaggregation of the data may not be published if the results would yield personally identifiable information about an individual student. While the data used by the DDOE and Local Education Agencies (LEA) is comprehensive, the data made available to the public is redacted, i.e. masked, to avoid unintended disclosure of personally identifiable information at summary school, LEA, or state level reports.

    Here are some key definitions:

    1. Aggregate Data are data which are summed, averaged, or otherwise calculated as a combination of individual data.
    2. Cell is defined as a subset of individuals within a particular group that shares a particular characteristic or set of characteristics.
    3. Count (a.k.a Value) is defined as an aggregated number of individuals within a cell or population.
    4. Mutually Exclusive Groups are groups to which an individual can belong to only one at any given time. Examples of such groups include, but are not limited to, gender and grade.
    5. Percentage is defined as the ratio of the cell value to the population value.
    6. Personally Identifiable Information (PII) is information that can be used on its own or in combination with other information to identify, contact, or locate a single person.
    7. Population is defined as every individual in a particular group that shares a particular characteristic or set of characteristics
    8. Redaction (a.k.a. Disclosure Avoidance) refers to the efforts made to reduce the risk of disclosure, such as applying statistical methods to protect Personally Identifiable Information in aggregate data tables.
    9. Risky (a.k.a sensitive) cell refers to any cell whose value can be used to uniquely identify a student. See also personally identifiable information

    In compliance with the Family Education Rights and Privacy Act (FERPA) (CFR §99) as well as other applicable federal and state privacy statutes and regulations, the DDOE applies the following methods to avoid disclosure of personally identifiable information in aggregate public reporting.

    When reporting data to the public, DDOE will require the following data be redacted:

    1. Any cell whose population value is less than fifteen (15), regardless of the cell’s value.
    2. Any cell whose corresponding population value is at or above fifteen (15), but whose cell value is less than five (5).
    3. Any cell whose corresponding population is at or above fifteen (15), but whose cell value is within five (5) of the population.

    When reporting data to the public, DDOE will:

    1. Redact all risky cell values as defined above.
    2. Redact any non-risky cell value to ensure that there are at least two (2) redacted cells within any mutually exclusive group reported.
    3. Apply redaction based on cell and/or population values only.

    Visually, redacted data may appear in a number of ways. It may appear as:

    1. a dash (-)
    2. an asterisk (*)
    3. the word "Protected"
    4. "<X" (or ">X") where X is a number below (or above) which the risk of disclosure is too high
    5. CSC, which stands for "Complementary Suppression by Category." This mean a non-risky cell in a table was also redacted in order to prevent the value of a risky cell from being calculated by subtracting the reported values from the column total.
    6. CSG, which stands for "Complementary Suppression by Group." This mean a non-risky cell in a table was also redacted in order to prevent the value of a risky cell from being calculated by subtracting the reported values from the row total.
Last Modified on December 17, 2018