Mapping to NDSA Levels of Preservation
This chapter will cover:
- Mapping of ALCOA to NDSA functional areas
- Mapping of NDSA LoP to ALCOA principles
Click here for a reminder on what the NDSA Levels of Preservation are.
A summary of the mapping is shown in the table displayed. The numbers in the table correspond to the level that will likely be required for each of the NDSA functional areas (Storage, Integrity, Control, Metadata, Content). The NDSA LoP levels are:
- Level 1 (Know your content)
- Level 2 (Protect your content)
- Level 3 (Monitor your content)
- Level 4 (Sustain your content)
The levels are additive. For example, Level 3 ‘Monitor your content’ means that Level 1 and Level 2 are already in place, i.e. the organisation had already met the requirements to know and protect the content.
In the table displayed, the NDSA level typically has a range. This is because the required NDSA level to meet a given ALCOA principles depends on the type of data being archived, the duration of archiving, and for what purpose(s). For example, the risks to patient health are lower for real-world research studies than for clinical trials. The types of data collected and the duration of retention can be different and this also impacts the level of LTDP needed. For example, a higher level of LTDP will be appropriate for preserving the records for clinical trials, which have a retention period of 25 years (or 30 years for ATIMP), compared to records of real-world research studies, which have a retention period of five years.
In the table displayed, if the NDSA level has a single value then this means that the shown level should be met or better.
Some functional areas of the NDSA levels of preservation apply across the board to all ALCOA principles.
For example, consider audit trails which are an essential part of asserting Data Integrity.
- Audit trails are classed as metadata under the NDSA LoP. This metadata should be stored safely. This is covered by NDSA under “Storage”.
- Audit trails should be secure and controlled so they can’t be edited. This is covered by the NDSA LoP under “Control”.
- Audit trails need to be enduring. This is covered by NDSA under “Integrity”.
- Over time, audit trail files may need migration to ensure they remain legible. This is covered by the NDSA LoP under “Content”.
Likewise, the expectations for data to be Credible and Corroborated also depends on all the NDSA LoP. Data is only Credible if data loss or corruption is prevented (NDSA LoP Storage and Integrity), the evidence to support how and when the data was captured is maintained, such as audit trails and timestamps (NDSA LoP Metadata), there is control over who has access to the data and whether it can be modified (NDSA LoP Control), and whether documentation to support Credibility and Corroboration is itself preserved and remains readable and usable (NDSA LoP Content).
In this way, all 5 of the NDSA functional areas apply to evidence such audit trails, and wider aspects of ensuring data is Credible and Corroborated. Rather than list every NDSA functional level as being required by every ALCOA principle, the table above focuses on the NDSA functional levels that are the most important.
More explanation of the mapping is provided below. This includes some examples of where NDSA requirements are particularly relevant. These examples are not exhaustive.
Click on each element to view the mapping of each ALCOA principle.