Confidentiality Policy
Vital Statistics Unit, Northern Ireland Statistics and Research Agency
The United Kingdom Statistics Authority (UKSA) Code of Practice for Official Statistics requires all producers of Official Statistics to publish a clear statement on confidentiality and access of data holdings used in producing statistical outputs. The Code of Practice was last updated on October 2025 and can be found at one the UK Statistics Authority’s dedicated website for the Code of Practice (opens in a new link)
Data Access and Confidentiality
The Vital Statistics Unit (VSU) has arrangements in place to protect the security of vital statistics data. There is a guarantee that no statistics will be published that are likely to identify an individual unless specifically agreed with them, while at the same time obtaining maximum value from the data we hold for statistical purposes by extending access to bona-fide and authorised third parties.
Vital Statistics Data
It is a legal requirement for individuals to register all births and deaths which occur in Northern Ireland and this is done through the General Register Office (GRO). Information is recorded at each birth and death and some of the information will appear in the birth and death registers while some of the information is not recorded in the register (e.g. Population Statistics Act information).
The law requires the Registrar General to make available indexes of the registers and provide certificates on payment of a fee. The Registrar General is also required to publish available statistical information on the number and condition of the population.
The GRO indexes of the registers are held by year of registration of an event and are used to identify the required entry on the register and are essential in applying for a certified copy of the information on the register. While the form in which information from registers can be released is restricted by statute, disclosure of information on the register is not a breach of confidence whatever form it takes. This is because any person may search the indexes and obtain a certified copy. Legally, this makes the information “common knowledge” in that it is accessible to all i.e. it is discoverable by the public.
Information available from the register includes the following variables:
Births
- Child’s Name
- Sex
- Date of Birth
- Place of Birth
- Father’s Name
- Father’s Occupation
- Mother’s Name
- Mothers Usual Address
- Mother’s Maiden Name
- Date of Registration
Deaths
- Deceased’s Name
- Sex
- Date of Death
- Place of Death
- Usual Address
- Marital Status
- Date and Place of Birth
- Occupation
- Cause of Death
- Date of Registration
Marriages and Civil Partnerships
- Date of Marriage / Civil Partnership
- Place of Marriage / Civil Partnership
- Sex of spouses / partners
- Names of spouses / partners
- Ages of spouses / partners
- Marital Status of spouses / partners
- Usual Address of spouses / partners
- Occupations of spouses / partners
In producing statistics from birth, deaths or marriage or death registrations any of the information collected may be used. However, where information is used that is not in the indexes or on the register, the statistics presented are not discoverable and hence are subject to disclosure control.
VSU take the view that, rather than suppressing low counts or using some other form of disclosure control, where possible aggregation of groups is more appropriate. In cases such as age of mother at birth, which is not publically available, we may band the ages into five-year age bands rather than give out individual ages or add several years’ data together before publishing. We will also look at the population at risk and if the data is at a Northern Ireland level we may release it without any aggregation, but we are more likely to aggregate at lower geographical levels for non-discoverable statistics.
In the case of cause of death, while this is publically available, derived statistics on the underlying cause of death are not discoverable and therefore caution must be used when producing any statistics on cause of death. There is no need to use disclosure control for any geography (including Super Output Areas and Census Area Statistical Wards) or similar detailed variables that are based on information contained in the birth or death register because such information is discoverable. Counts of registrations by area do not require any control. Where information by area is combined with other details on the register, judgement must be exercised if this leads to large proportions of zeros and ones in tables. If use is made of information that is not on the register, full disclosure control is needed.
Stillbirth’s information is different from births and deaths as it is completely confidential and the register is closed to the public. Therefore, all stillbirth data is treated with caution and where possible aggregation will be used. VSU look at each data request where data is not currently produced routinely and the amount of information we will provided will reflect a balance between the Registrar General’s legal responsibilities – to further the supply of data (e.g. in the public interest) and to protect confidentiality and privacy.
Arrangements for Maintaining the Confidentiality of Statistical Data
VSU has its own information security management systems that are subject to regular internal audit. It includes issues relevant to physical, technical and organisational security.
Physical Security
All VSU staff need a photographic security pass to gain access to the building. All floors have electronic secure pad access; the branch office accommodation is also securely locked with a further keypad.
The vital statistics team access GRO data through a secure database link. The data is held on a secure data server with access only to direct members of the vital statistics team.
All computer equipment is locked down and all accounts have username and strong password access only. All machines have as standard a locked screen saver with password protection when the computer is sitting idle.
Any visitors are accompanied in the building at all times and can only access the building with a member of staff who has a security pass that allows access.
All staff who work with vital statistics data receive appropriate security checks along with online Data Protection training and they are issued with a security related advice, guidance policies and procedures.
Technical Security
Databases are held on a secure network only accessible to the vital statistics team. Personal or sensitive data are not removed from the network without the prior agreement of either the Head of Vital Statistics Unit or the Assistant Registrar General. Microdata can only be transferred using Secure File Transfer Protocol (SFTP).
Organisational Security
The oversight roles and responsibilities VSU has in place to deliver an effective governance regime are outlined in the DFP Data Protection Policy (https://www.finance-ni.gov.uk/publications/dof-data-protection-policy) which documents staff responsibilities.
Disclosure Security
For vital statistics information that is not already in the public domain, we will not release sensitive personal information where that information may lead to identification of individuals. We will look at each request where the data is not available publically and review whether it is in the best interest of the public to release it.
For each of our statistical and data releases, we will assess the risk of disclosure based on the following:
- Level of aggregation of the data;
- Number of tables produced from each dataset;
- Likelihood of identification;
- Size of the population at risk; and
- Consequences of disclosure.
Freedom of Information (FOI)
While requests under FOI are treated on a case-by-case basis, the presumption is that requests for individual statistical records will be rejected. The legislation contains exemptions and processes that protect confidential information.
Requests for information
All requests for information will be dealt with in a timely manner. All requests will be treated fairly and without prejudice, taking into account the public interest, the requirements of the Data Protection Act (1998) and Freedom of Information Act (2000). Guidance on the Data Protection and Freedom of Information Acts can be found at the Information Commissioners website at https://ico.org.uk/ .
Contact Details
- Is this something you find useful?
- Are there alternative or additional analyses you would like to see included?
Any feedback you may have which you can provide through the online survey at the link below:
Please e-mail comments to demography@nisra.gov.uk
NISRA Vital Statistics Unit
Colby House
Stranmillis Court
Belfast
BT9 5RR
Telephone: +44 (0)300 200 7836