HiOA has stipulated an agreement with UiO for the delivery of the Service for sensitive data, TSD 2.0 , including user support for HiOA employees. TSD is developed and operated by USIT at UiO, and is part of NorStore, the National Infrastructure for Managing and Storing Scientific Data.
Nettskjema is often used for data collection. If you use Nettskjema for collecting sensitive data or personal data, the data is encrypted and sent from Nettskjema to TSD 2.0.
Apply for access to TSD 2.0
Before an applicant gains access, the following requirements must be satisfied:
- The project will process data that is classified as sensitive (and non-regular personal data). TSD requires documentation such as attachments of REK approvals, concessions from the Data Inspectorate or approvals from NSD.
- The project must be registered in a HiOA archive. In practice, this means the message archive at NSD or Public360.
- TSD delivers the desired functionality to the research project participants (check out UiO's overview of required software).
For access to the TSD, apply through the TSD website.
Two forms must be filled in: Attachment to the data management agreement and the Mercantile agreement.
Software in TSD
Overview of available software in TSD
Licensed software (NVivo, SPSS, Stata, StatTransfer) for use in TSD must be ordered from HiOA's website for ordering IT equipment.
Requests for unlicensed (free) software (VLC) can be sent to technical support at TSD.
Operating issues in TSD are reported to technical support.
Examples of possible exemptions from using TSD 2.0
Exemptions from using TSD when working on projects that process sensitive data must be clarified with HiOA's ICT department.
- Urgent need for securing the data
- There is no internet access where the sensitive data is to be processed.
- Alternative technical solution with satisfactory security (e.g. Safe Zone - ASPIT)
- The project relies on software that cannot be delivered by the TSD
- TSD holds most of the relevant software or alternative software with similar functionality.
- Approvals that set specific requirements for hardware and processing.
- TSD is increasingly recognised as a good alternative to standalone machines without online access and trusted computing /encrypted hardware. The computer supplier or approval authority must approve the transfer to TSD.
- The processing of the sensitive data constitutes a very short and well-secured phase of the total project.
- E.g. an interview that is transcribed and anonymised in a safe way, as this is a very small part of the project. Original files are encrypted and stored on the condition that they will not be opened (only for control).
- There is only one project participant with good training/procedures for secure data management (encrypted devices, encrypted files, no internet access, backup).
Access to data from other organisations in Norway - step by step procedure