Stay Connected

Follow ERS on Twitter
Subscribe to RSS feeds
Subscribe to ERS e-Newsletters.aspx
Listen to ERS podcasts
Read ERS blogs at USDA

Data Access

ERS plans to make the National Household Food Acquisition and Purchase Survey (FoodAPS) restricted data available to external researchers in the Fall of 2014. This page provides information about:

Data confidentiality and restricted availability

Because FoodAPS data include confidential information, ERS has a legal obligation to prevent accidental or willful disclosure of information that might identify a survey respondent. FoodAPS has invoked the protections and regulations of the Confidential Information Protection and Statistical Efficiency Act (CIPSEA) of 2002 when collecting data from respondents. CIPSEA requires that the collected data be used strictly for statistical purposes and promises respondents high levels of data protection against disclosure of identifying information. Penalties for a violation of CIPSEA procedures can result in a fine of up to $250,000 and/or five years in prison. The restrictions and protections against disclosure of confidential information described below follow guidelines developed by the Office of Management and Budget (OMB). See Implementation Guidance for Title V of the E-Government Act, Confidential Information Protection and Statistical Efficiency Act of 2002 (CIPSEA) 16x16 - PDF.

Anyone requesting access to FoodAPS's restricted data files will be required to complete CIPSEA training and sign a CIPSEA pledge of confidentiality.

Micro data will be available to researchers as CIPSEA-protected, restricted-use data files maintained at the University of Chicago’s National Opinion Research Center (NORC) Data Enclave. All researchers, including ERS staff, must be CIPSEA-trained and sign a pledge of confidentiality before being granted access to restricted data. Furthermore, all research results must be reviewed for disclosure risk and approved by the ERS Confidentiality Officer or his/her designee before the results can be shared with anyone who has not signed an ERS confidentiality agreement that specifically relates to the FoodAPS data.

In defining disclosure risk, ERS will adhere to the guidelines and recommendations presented in OMB’s Statistical Policy Working Paper 22: Report on Statistical Disclosure Limitation Methodology16x16 - PDF.

Procedures for requesting access to FoodAPS data

Six sequential steps are required before access to restricted FoodAPS data in the NORC Data Enclave will be approved:

  1. Submit a project description/proposal for approval using a Project Agreement Form.
  2. After approval of he Project Agreement, complete an ERS Memorandum of Understanding (MOU) between ERS and your organization.
  3. Complete the USDA web-based CIPSEA training course (required of all project members seeking access to the secure data enclave).
  4. Sign the ERS Confidentiality Agreement (required of all project members seeking to access the secure data enclave).
  5. Complete a confidentiality agreement between the user and NORC and establish an account at NORC (user fees apply).
  6. Lease special thin-client devices from NORC (user fees apply).

Additional steps are required to obtain approval to access the restricted-use FoodAPS data:

1. For each distinct research project, a Project Agreement 16x16 - PDF form must be submitted to describe the proposed research and to obtain approval. ERS will assign a primary reviewer.

The review process is designed to:

  • Ensure that the project has a defined research question that addresses a purpose for which FoodAPS data were collected and for which the FoodAPS data are appropriate (see Background).
  • To determine what restricted data elements are needed to complete the project within each level of disclosure risk. (Note: All FoodAPS data maintained at the NORC Data Enclave are CIPSEA-protected and restricted. The data elements vary, however, in terms of their degree of confidentiality and likelihood of posing a disclosure risk. ERS has therefore defined three levels of relative disclosure risk—medium, high, and very high. Proposals requesting access to variables of higher disclosure risk will face a more rigorous review process.)
  • To assess disclosure risk based on requested restricted variables and the types of analyses and outputs proposed.
  • To determine the required software and potential need for external data sets. (Note: Many different software packages are available within the NORC Data Enclave to approved researchers. If a needed package is not currently available, ERS will notify the research team. The research team may then contact NORC to determine if the package may be uploaded to the enclave.)

Within the Project Summary section of the Project Agreement form, the following information should be provided:

  • A description of the research question(s) to be investigated, the statistical technique(s) to be used, and the software to be used;
  • A list of data elements needed for the planned analysis;
  • A description of any household or individual subgroups (for example, households with children or all school-age children) that will be a focus of the research;
  • Plans for using sample weights and procedures that will be used to account for the complex sample design used for FoodAPS data;
  • Table shells and charts that show how research results are expected to be presented;
  • Plans for preventing accidental disclosure of confidential information beyond the confines of the approved project members;
  • A schedule for data analysis, draft of research results, and submission of research papers or reports; and
  • Names of research team members who will need direct access to the restricted data, along with their curricula vitae or resumes.

Note: Please submit a completed Project Agreement form electronically to John A. Kirlin for approval. Submitted proposals will be evaluated primarily on the risk that the proposed research may breach confidentiality.

Researchers are encouraged to review the list of approved research projects already in progress (see Research Topics).

2. Complete a ERS Memorandum of Understanding (MOU) between ERS and your organization, which grants access to FoodAPS data exclusively for statistical purposes under a pledge of confidentiality. The term of the MOU is for two years, and it may be extended. Before preparing a MOU, a Project Agreement with a researcher from the organization must have been approved and signed by ERS.

3. Successfully complete the USDA wweb-based CIPSEA training course. This requirement applies to all research team members who will access the data, develop or review interim tables and charts displaying research results, or draft any written material based on analysis of FoodAPS data. Once a proposal is approved, send team member names, addresses, phone numbers, and email addresses to the ERS Data Custodian to sign up for the online training. CIPSEA training must be renewed annually.

4. Once the CIPSEA training has been certified as successfully completed, each team member must sign the ERS Confidentiality Agreement form. Again, this applies to all team members who will access the data, develop or review interim tables and charts displaying research results, or draft any written material based on analysis of FoodAPS data. The confidentiality agreement must be renewed annually.

Once the MOU and confidentiality agreements have been signed, access to the restricted-use FoodAPS data may be obtained via a secure data enclave managed by NORC. Researchers with approved research proposals will need to lease special thin-client devices from NORC that permit access only to the data enclave. The annual cost for one (lead) researcher to access the data at NORC is $5,200 per year. For each additional researcher who is listed on the MOU and Project Agreement as a collaborator to the lead researcher, the cost for an additional thin-client device is approximately $850 per device. More than one approved researcher may use a single device.

NORC requires two signed documents for access to the data enclave; these documents establish a confidentiality agreement between the user and NORC. In addition, NORC requires all ERS-approved researchers to participate in a short online training course to learn how to access and manipulate data within the enclave, to learn about the processes involved in importing and exporting files, and to learn the rules involved in the statistical disclosure review process. To obtain these documents, email NORC at:

A site visit by the ERS Security Officer or designee may be required for offsite access using NORC. The site visit includes the elements listed in the ERS workplace security checklist.

Review of proposed projects

The review is expected to take about two weeks; if not completed within this timeframe, ERS will provide an updated timeframe to the research team. The ERS review team will examine each proposal for:

  • Consistency—are the specified research questions consistent with appropriate statistical use of FoodAPS data, in terms of both CIPSEA protections and statistical inferences?
  • Technical feasibility—will the proposed statistical approaches and requested data elements support analysis of the research questions? and
  • Disclosure risk during the project and of all proposed statistical output and reports.

Proposals that address questions for which FoodAPS data are not well-suited will not be approved. For example, a proposal to use FoodAPS data to estimate outcomes for a single State will not be approved because the FoodAPS sample was designed to provide results that may be generalized only at the national level. It is unlikely that proposals to present maps based on FoodAPS data will be approved, unless the research team can demonstrate to ERS that the maps would not disclose the PSUs or SSUs of sampled respondents.

Approval will be given only to those proposals that provide suitable protection against disclosure of confidential information about FoodAPS respondents, the establishments they visited, and the food items acquired. For example, output that identifies store names , product manufacturers, or name brands will not be approved. Proposals should address how data and research results will be protected during analysis and report preparation. To help assure ERS that disclosure risk will be minimized, careful forethought should be given to:

  • The specific data elements needed for the proposed research, by level of sensitivity of disclosure risk;
  • The approximate sample sizes of subgroups of interest. (Note: Sample sizes of some household and individual subgroups may be determined through review of FoodAPS codebooks or research findings published on the ERS website. If ERS determines in its review that sample sizes of target populations are inadequate to support the planned analyses, the Project Leader of the proposed project will be informed); and
  • The way that research results will be presented in tables, charts, and figures.

The proposal should describe any output that the research leader or team would like to take out of the data enclave—be as detailed as possible in this section to help the review team assess disclosure risk.

  • Include detailed examples of table shells, models, and/or graphs.
  • Indicate the subsample or unit of analysis used in each type of table, model, or graph.
  • Indicate plans for presenting results (for example, planned presentations at professional/scientific meetings or to a funding organization, working papers and reports, publications in peer-reviewed journals).

After its review, the ERS will decide to approve, revise and resubmit, or disapprove the proposed project.


  • Approval of an application does not mean that USDA endorses the merit of the proposed research or its substantive, methodological, theoretical, or policy relevance.
  • USDA approval reflects the judgment that the research described in the proposal is an appropriate use of the requested data.
  • Approval of a proposal does not explicitly or implicitly guarantee that all output generated by the analysis will be released. Output that poses a disclosure risk will not be approved and may not be disclosed.

Revise and resubmit:

  • The research team may be asked to revise and resubmit after the first review. If this is the case, ERS will work with the team to help the proposal comply with ERS's guidelines.
  • The research team should always indicate the date of revision on the first page of the proposal and highlight any changes when resubmitting a proposal.


  • ERS will provide documentation of the reasons that a proposed project was not approved.  If a proposal is not approved, the research team may revise it and resubmit as a new proposal.

Amending an existing project agreement

If, during the course of analysis, the research team decides to change/add a research question or propose additional table shells, charts, or figures for a planned publication or report, the original Project Agreement will need to be amended. The research team must then submit a Request for Amended Project Agreement to ERS:

  • Indicate the name and number of the original approved Project Agreement and the date of the request for an amendment on the first page.
  • Include a summary of the requested change(s).
  • Explain the requested change(s) and why they are necessary throughout the relevant sections of the proposal.
  • Highlight or “track” all changes.

The review process should take about two weeks. Amendments related to staffing changes or additional variables of similar sensitivity to those variables already approved should take less than 2 weeks to review. Amendments requesting access to more sensitive data than already approved may take more time.

Examples of amendments include:

Changes in key staff:

  • If the primary investigator or programmer in direct contact with the data changes during the research project, the Project Agreement must be updated, and the new person must be CIPSEA-trained and submit the necessary confidentiality paperwork to both ERS and NORC.

Additional variables:

  • Importing external data to the data enclave. This requires the approval of ERS's primary reviewer and may/may not require review by the entire review team.
  • Adding FoodAPS variables of equal or less disclosure risk than variables already approved. This requires the ERS reviewer’s approval.
  • Adding FoodAPS variables of greater disclosure risk than variables already approved. This requires review and approval by the entire review team.
  • Adding variables unrelated to the original research questions will most likely require a new proposal and a complete review.

New research questions, methods, or expected output:

  • Any changes to the approved Project Agreement must be approved by ERS. The project leader should contact ERS and submit a proposal to amend the Project Agreement. The amended Project Agreement must be approved and signed by ERS before any outputs from the data enclave will be approved for release.

Review of analytic output

Before any type of output—including tables, charts, graphs, slide presentations, draft reports, and final reports—can be downloaded from the NORC Data Enclave, it will be reviewed by both NORC and an ERS analyst for both disclosure risk and adherence to outputs specified in the Project Agreement. This review requirement includes preliminary or interim results meant to be shared outside of the data enclave with CIPSEA-trained and approved colleagues on the research team.

If a review determines that disclosure risk is present, ERS will notify the research team to indicate which parts of the output pose disclosure risk. The research team and the ERS reviewer may then work together to reach agreement on output that would be approved for download from the data enclave. If there is a disagreement between the research team and the ERS reviewer as to whether any proposed output poses a disclosure risk, the research team may request a review by the ERS Confidentiality Officer. The Confidentiality Officer’s decision regarding disclosure risk will be final.

Data access forms

Please submit all forms to Dawn Williams on the FoodAPS team. The following forms are available for download:

ERS memorandum of understanding PDF icon (16x16) 

ERS project agreement PDF icon (16x16) 

ERS confidentiality agreement PDF icon (16x16)

ERS workplace security checklist PDF icon (16x16)

Last updated: Wednesday, October 08, 2014

For more information contact: Dawn Williams, John A. Kirlin, and Mark Denbaly

Share or Save this Page