The JPMorganChase Institute prides itself on providing valuable, data-driven insights to policymakers, businesses, and nonprofit leaders. However, these insights must not come at the expense of individual privacy or client confidentiality. To protect both, the Institute follows rigorous security and privacy protocols informed by statistical disclosure and de-identification practices, and supported by technology, privacy, and information-security experts.

Key steps the Institute takes include:

  • Policies and procedures require that data received and processed for research purposes do not identify specific individuals or entities.
  • Researchers undergo background checks and sign confidentiality agreements before accessing data. They may use the data only for approved research purposes and must not attempt to re-identify anyone represented in the data.
  • Publications reflect aggregate results or other information that is not reasonably attributable to a unique, identifiable individual or entity.
  • Data is stored on secure servers and can be accessed only under strict procedures designed to prevent export outside of JPMorganChase systems. Our infrastructure complies with JPMorganChase technology risk management requirements for data monitoring and security.

(Last Reviewed May 21, 2026)