What is P20 WIN?
P20 WIN is Connecticut’s state longitudinal data system and is the mechanism by which data from multiple agencies are matched to address critical policy questions. The vision for P20 WIN is to inform sound policies and practice, through the secure sharing of critical longitudinal data across the participating agencies to ensure that individuals successfully navigate supportive services and educational pathways into the workforce.
P20 WIN has a membership of 10 state agencies, institutions of higher education, and nonprofits, including: the Office of Early Childhood (OEC), the State Department of Education (SDE), the University of Connecticut (UCONN), the Department of Labor (DOL), the CT Conference of Independent Colleges (CCIC), Connecticut State Colleges and Universities (CSCU), the Department of Social Services (DSS), the Department of Children and Families (DCF), the Office of Higher Education (OHE), and the CT Coalition to End Homeless (CCEH).
Data are never evaluated to look at or identify individuals; rather, aggregated data are studied to identify areas where education, workforce training and supportive services may be improved in a way that better supports individuals as they engage with various state services.
Why was P20 WIN created?
P20 WIN was established to inform sound policies and practice through the secure sharing of longitudinal data across participating agencies to ensure that individuals successfully navigate supportive services and educational pathways into the workforce.
Connecticut established P20 WIN in 2014 as a federated longitudinal data system, which means data is not housed centrally in state government. A comprehensive data request process has been created in order to facilitate data requests for internal agency analysis, academic and other researchers, and policy-makers. The P20 WIN Learning Agenda reflects the priority issues of the state and state agencies
How are data matched?
Once a request has been approved and and data sharing agreements have been completed, agency Data Stewards begin to pull the requested datasets.
These datasets are then separated into two files. One file is used for matching purposes and includes fields like name, date of birth, etc. and the other file fulfills the request and contains demographic data, requested records, etc. These two files are sent separately to the Data Integration Hub for matching and the creation of fake ID matrix.
The files used to match data are destroyed once the linkage has occurred and generic group numbers and fake ID numbers are in place. The process protects individual privacy by separating the data at all stages of the process, by using meaningless fake record numbers, and by destroying the data used to create the links.
Data recipients receive the matched, deidentified records and the Fake ID matrix for analysis.
What data elements are used to match data?
The specific elements used to match datasets depend on the participating agencies involved in a request and the data sets being matched. Because P20 WIN is decentralized, each participating agency houses and determines the availability of different data pursuant to their respective state and federal laws and regulations.
For example, a linkage between the Connecticut State Colleges and Universities (CSCU) and Department of Labor (DOL) data would be different than a linkage between the Department for Social Services (DSS) and the Connecticut State Department of Education (CSDE) because CSDE does not collect Social Security Numbers for K-12 students.
To learn what data fields are available to include in a data request, please use our P20 WIN Data Dictionary.
The following elements are examples of identifiers that may be used to match data between participating agencies:
- First Name
- Last Name
- Middle Name
- Date of Birth
- Social Security Number (SSN)
Will personally identifiable information (PII) be revealed in reports or findings developed from data matched through P20 WIN?
No. Any findings or reports generated from data linked through P20 WIN will never reveal any information about the experiences or outcomes of an individual. Before any data are made public from a data request, the P20 WIN Data Governing Board members whose data are included review and verify that the data are aggregated sufficiently so that individuals cannot be determined from the data set.
Data are modified by rounding, use of ranges, aggregation of groups and/or elimination of small cell sizes for maximum security as recommended by the U.S. Department of Education in their Technical Brief: Statistical Methods for Protecting Personally Identifiable Information in Aggregate Reporting.
- Where can I find aggregated P20 WIN reports?
What data fields are in P20 WIN?
P20 WIN is a federated system and does not house any agency data. Participating Agencies retain administrative authority over their own data and have the authority to approve or reject a request for their data.
If you are interested in submitting a data request, please refer to the P20 WIN Data Dictionary, which lists the available data elements by agency.
Can state agencies share data without the consent of the parent or individual?
It depends on the agency and the state and federal laws and regulations that make exceptions for sharing data.
If using student data:
The Family Education Rights and Privacy Act (FERPA) allows State and Local Education Authorities or Agencies to disclose student records without consent only under specific conditions (34 CFR § 99.31). Systems like P20 WIN enable Connecticut to evaluate effectiveness of education programs in preparing students for current and future success. There are two exceptions to share data under FERPA - audit and evaluate publicly-funded education programs and research. The requirements for the written agreement include protections such as: a) identification of the purpose for which the data are to be shared, b) restriction against using the data for any other purpose or re-disclosing the data to someone else, c) destruction of data when no longer needed for the designated purpose and d) designation of date by which the data destruction will occur.
How long are records kept?
Personally identifying information such as name or date of birth (DOB) are not retained beyond the time that it takes to conduct a match between data sets. Before analysis, individual records are stripped of the identifying information (e.g. name, DOB). The redacted record containing relevant information is retained only for the duration of the analysis as approved and specified in the Data Sharing Agreement.
How are data shared?
Enterprise Memorandum of Understanding (E-MOU)
Executive leadership at all participating agencies executed an E-MOU that established a comprehensive structure for data sharing across agencies. The EMOU outlines a governance structure, data management process, and confidentiality and security requirements to ensure legal and secure movement of data.
The agreements for agencies participating in P20 WIN are listed on the Resources page.
Process for Data Management
The Data Sharing Agreements outline the roles and responsibilities of each party that will access data - the Participating Agency(ies), the Data Integration Hub and the Data Recipient.
Researchers, policy makers and agency staff may submit a data request for data from two or more participating agencies to answer burning questions. If the request is approved by the members of the P20 WIN Data Governing Board, a Data Sharing Agreement specific to that request will be executed.
Once the Data Governing Board determines that a report is sufficiently aggregated to comply with privacy statutes, the aggregated results and accompanying reports may be made public.
Each Participating Agency determines which data elements are available and whether they may be included in a data request. The P20 WIN Data Dictionary contains data elements that are typically utilized in P20 WIN data requests.
With whom are data shared?
Deidentified data are only disclosed to those whose data requests have been approved. A data sharing agreement for specific data requests is created that encompass the rules and regulations of all parties associated with the request.
Who developed the data sharing agreements and policies that support P20 WIN?
The process of developing each policy, procedure and data sharing agreement that supports P20 WIN has been deliberate and careful to ensure that individual privacy is maintained and all state and federal laws are upheld. Initial drafts were developed by the Operating Group, in collaboration with the Data Governing Board and agency attorneys. Final versions received approval from agency counsel, the Office of the Attorney General, and the P20 WIN Executive Board.
The Privacy Technical Assistance Center (PTAC) has reviewed and approved both the Enterprise MOU and the FERPA Data Sharing Agreements to ensure that they are fully compliant with FERPA.
How do I request data?
If you need data from two or more of the P20 WIN Participating Agencies, you may submit a data request. Begin by sending the Data and Policy Analytics unit staff a one-to-two page proposal that clearly describes your project, the data you are seeking, and how the work you propose would benefit the state. The P20 WIN Data Request Management Procedure and the P20 WIN Data Dictionary may be helpful to you in this process.
How long does the data request process take?
The length of the data request process varies depending on the number of requests in progress, the clarity and complexity of the request, the data elements needed and the availability of the Participating Agency staff to work on the request. Please communicate any deadlines you may have in your data request and we will do our best to meet them.