Data security and protecting respondent confidentiality are part of the training for all ISR interviewers. Interviewers also sign confidentiality forms. At the start of an interview, interviewers read our ethics statement to respondents and this is a constant reminder of the importance of protecting respondent confidentiality. Interviewers would be dismissed for a breach of respondent confidentiality.
The Institute’s servers are locked in a windowless interior room within the locked ISR suite. There is only one entrance to the server room, each server is protected by an uninterruptible power supply with its own additional battery pack, and its location was planned so that the entrance way could be continually monitored via CCTV. The servers are not Windows servers which reduces the likelihood of a virus infecting the servers or a hacker gaining access to the servers. Additionally the servers do not run the IP protocol and are filtered at the switch to ensure they are not “visible” outside of ISR. A redundant server located in a second locked room mirrors the primary server protecting against a catastrophic hardware failure. Full backup tapes are run nightly and on a weekly basis a complete backup tape is moved off the site by a senior manager. ISR protocol demands that the server room stays locked at all times and key-entry access is limited to four authorized senior staff members only – no one else is permitted in the server room, including caretaking staff.
To ensure maximum data security and confidentiality, the CATI system used to conduct interviews is a DOS-based computer and the USB and CD/DVD drives are inoperable. These interviewer workstations have no internet connection and can only access ISR’s dedicated data collection servers. Portable electronic devices, such as cell phones, “smartphones” and iPods are not permitted in the telephone labs - a common sense security measure strictly enforced at ISR.