The National Center for Education Statistics has had confidentiality provisions in law since 1988, which require NCES to protect the confidentiality of all individually identifiable data collected for statistical purposes under a pledge of confidentiality. A violation is classified as a Class E Felony punishable with a fine up to $250,000 and a possible prison term of up to five years. Over the last 15 years, NCES has developed a number of policies and procedures to protect its data from collection to analysis--including data collection contractor controls, internal staff procedures for handling data, disclosure risk procedures for the release of public-use files, and restricted-use licensing procedures to allow qualified external researchers access to confidential data. As a result of the passage of the E-Government Act of 2002, any federal agency that collects individually identifiable data under a pledge of confidentiality for statistical purposes is required to protect the confidentiality of those data. Many other federal agencies now share data protections and responsibilities that led to the development of the NCES data security program.