Standard Procedures for the Storage of Research Data
These procedures are meant to help with the planning of research projects and student theses so that we can meet the privacy requirements set forth in Norwegian law and requirements relating to data security at MF. The procedures cover both measures relating to data security and physical storage.
Personal data and confidential information is to be stored in such a way that prevents others from gaining access to or knowledge of them. All processing of such data must be submitted to a security and risk analysis (SRA). Information concerning current legislation and details on SRA can be found in the Personal Data Management Guidelines for Research and Academic Work at MF.
Routines described here:
- Storing data on private devices and machines
- Data management plan, physical security and encryption
- Open Science at MF
Planning on writing a master's or bachelor's thesis?
Personal data is to be processed carefully and requires strict security measures. We advise you to design your project in such a way that makes the collection of sensitive data (what the law defines as 'special categories of personal data' as well as data relating to criminal convictions and offences and so on) unnecessary. Speak with your advisor about how you can write your thesis without having to store such data.
Confidential data is also to be stored in such a way that prevents others from gaining access to or knowledge of them. Both the Public Administration Act §§ 13 ff. and special legislation contain provisions concerning confidentiality. Speak with your advisor about how you can write your thesis without having to store such data.
For details concerning personal data protection and security and risk analysis (SRA) related to collecting data, see the Personal Data Management Guidelines for Research and Academic Work at MF.
The Responsibilities of an Advisor:
With student theses, it is the advisor's responsibility to consider questions of 'special categories of personal data' in the legal sense, or the necessity of caution when processing data for other reasons (for example, institutional or contractual considerations). Contact the IT office for answers to question related to processing data.