Skip to Content

Research

Research

R&D Guide

Protection of privacy/ data plans/ data management

Secure processing of research data is a prerequisite for research credibility and further use. Improper processing of research data could lead to fines, conviction and loss of reputation for both individual researchers and HiOA.

Good planning is vital for reducing the risk of data processing errors. The greatest risk is associated with the start-up phase (collection, conversion, encryption and transmission) before the data is stored on a well-secured processing solution.

Input and advice early in the planning phase is important, especially when it comes to data management / processing.

Contents

  1. Privacy and ethics in research
  2. National data policy for research data management
  3. Management of research data and data processing at HiOA
  4. Help for strategic planning of institutional data
  5. Data management plan (DMP)
  6. Find, gain access to, collect and store research data
  7. Statistical data
  8. Data processor agreement
  9. Transferring research data
  10. Long-term storage, deletion and anonymisation of research data

1. Privacy and ethics in research

2. National data policy for research data processing

The Research Council has adopted a policy and guidelines for open access to publicly funded research data.

"The main principle in the guidelines is clear: Research data must be shared. Research data must "ultimately [...] be available to relevant users, under the same conditions, at the lowest cost. The fact that the research council now clarifies its policy through guidelines for open access and data sharing is very important for the work of building national research data archives and common data services for Norwegian research. "(From "Research data must be shared", nsd.no)

The Research Council's policy and strategy for sharing data (to be reviewed in 2017 in accordance with the platform of knowledge provided by the Research Council to the Ministry of Education) (.pdf, 1,57 MB).

The new legislation for privacy takes effect from May 2018 (datatilsynet.no).

3. Management of research data and data processing at HiOA

How research data is managed in concrete terms depends largely on the individual research project.

It is critical that research data is managed correctly and in compliance with laws and regulations.

Data belonging to a given institution may be reserved for the institution's employees, or shared with other researchers under certain conditions.

It is important to have a good planning to reduce the risk of wrong data management. The greatest risk is associated with the start-up phase (collection, conversion, encryption and transmission) before data is stored on a well-secured storage site.

Violation of guidelines and laws for research data management may result in conviction, fines and damaged reputation for the researchers and HiOA.

Input and counseling early in the planning phase is important, especially when it comes to data management / processing.

Contact fou-teknisk@hioa.no to discuss data management in as early stage as possible in potential and initiated projects.

All must go through a risk and value assessment upon start-up.

4. Help for strategic planning of institutional data

Discipline-specific guidelines

Best practices depend on the field of research. The faculty of health sciences has different guidelines for data management than the faculty of social science.

Medical and health research projects, general research biobanks and exemption from the duty of confidentiality for other types of research must be pre-approved by REK.

Guidelines for HiOA employees about applications to regional committees for medical and health research ethics (REK).

The R&D advisor at your faculty or centre will be able to advise about relevant guidelines for your specific research project.  

Contact the R&D advisors at the faculties and centres.

5. Data Management plan (DPM)

The data management plan must state how the research data will be collected, stored and shared. Data management plans vary in range and level of detail depending on the specific research project and according to what the different financiers require.

See examples on procedures for data management plans for Norwegian research projects and EU projects. 

6. Find, gain access to, collect and store research data

Find and gain access to reuse research data

The Norwegian centre for research data (NSD) has opened available data sets for personal data, regional data, institutional data, data about the political system and portal for educational research.

The Norwegian Institute for Public Health provides data for research and analysis. Here you will find an overview of health records, health surveys and biobanks as well as practical information about the application process.

Statistics Norway (SSB) has made an overview of data sets which also states who may order data, which authority may grant exemption from the duty of confidentiality and the legal basis for the duty of confidentiality.

For access to data from  Statistics Norway (SSB), go to its website Data for research. It shows what you need to do to borrow data. Statistics Norway grants microdata to research projects and has data relating to persons, businesses and enterprises.

7. Statistical data

8. Data processor agreement

The UH-sector has made a proposal for data processing agreement under new privacy legislation (GDPR, which will enter into force on 1 July 2018). Here is an engelish version too. This data processor agreement template is to be used, but has to be customized in each case. There is also made a checklist for data processing agreements (in Norwegian only).  The checklist can be used for the quality assurance of data processing agreements offered by providers of cloud services or other types of online services.

A data processor agreement is an important legal document that must be in place as early as possible. Keep in mind that project participants such as interpreters, transcription assistants and research assistants are considered as data processors, if they are from outside the institution,  and must consequently sign HiOA's data processor agreement on how personal data should be processed. The Data processing Agreement must be filed in P360.  See the document management routine (in Norwegian only) and The Norwegian Data Protection Authority's guidelines for data processor agreement (in Norwegian only). Case number must be communicated to the Coordinator for Privacy in Research Ingrid.Jacobsen@oslomet.no.

9. Transferring research data

10. Long-term storage, deletion and anonymisation of research data

Kontakt

Fakultet for lærerutdanning og internasjonale studier

Forskning og utvikling ved LUI

Url :
Nettsider FoU LUI

Fakultet for samfunnsvitenskap

FoU-seksjonen ved Fakultet for samfunnsvitenskap

Url :
Nettsider FoU SAM

Fakultet for teknologi, kunst og design

FoU ved Fakultet for teknologi, kunst og design

Url :
Nettsider FoU TKD

NIBR

FoU ved NIBR

Url :
NIBR