I am a manager / case handler
If you are employed in an administrative position at UiO, it is highly probable that you process personal data. Here is information about what you need to consider to safeguard privacy in case processing.
Administrative managers for case processing are responsible for certain privacy tasks when processing personal data. This applies to administrative managers both at a central level and at the basic units.
What responsibility for privacy do administrative managers for case processing have?
The privacy responsibility of administrative managers for case processing at UiO (central and at the basic units) includes the following tasks:
- establish satisfactory routines and guidelines for processing personal data for the systems or services used in administration and case processing in their respective areas of responsibility
- ensure that case handlers receive sufficient information and training on routines and guidelines
- report discrepancies
- report any significant changes (Norwegian website) in the case processing or in the use of systems or services that support case processing
- assist in an annual internal control (audit) and local controls performed by employees in the IT director's staff; see guidelines for performing annual internal control (Norwegian).
The case handler is the user of a system, such as the study and exam consultant in FS (The Common Student System). Case handlers have an independent responsibility when handling personal data electronically or manually. This applies to case handlers both at a central level and at the basic units.
Case handlers are encouraged to contact their immediate superior for advice and guidance on how to perform their privacy tasks.
What responsibility for privacy do case handlers have?
- ensure satisfactory data quality of personal data that is processed in case processing (sufficient and relevant, accurate and up to date)
- follow established routines and guidelines in your unit and internal rules for UiO (in Norwegian).
- submit your needs for training in routines and guidelines to your immediate supervisor
- report discrepancies
More about privacy for data obtained from FS
Personal data about students at UiO is collected to use for study management purposes in The Common Student System (FS). Clear routines for how extracts of student data from FS is shall be processed (in Norwegian) have been prepared.
Guidelines for those who wish to conduct research among students (in Norwegian) have also been prepared.
The Department of Academic Administration (AF) handles enquiries about
- access to data on students and doctoral candidates. Write to email@example.com.
- to have surveys sent out to students. Write to firstname.lastname@example.org
The Department of Personnel Support (AP) handles enquiries about access to information and the provision of personal data about employees at UiO. Write to email@example.com.
More about privacy for data obtained from the payroll and personnel system and the financial systems
Anyone with a role in the payroll and personnel system and the financial systems must have a conscious approach to how they process data related to the privacy of others. Guidelines for processing personal data from the payroll and personnel system and the financial systems (in Norwegian) have therefore been prepared.
Here are some of the most important points:
- Use the pullprint solution where available. In this way, printouts with potentially sensitive information will not remain in the copy room. You also save the environment.
- Lock up documents containing personal data – don't leave them on your desk when you go home.
- Do not send your national identity number, bank information or other sensitive personal data in e-mails. Instead, use access-regulated areas in Vortex.
- Use the employee number rather than the national identity number where possible.
- Do not save documents in the home area or unencrypted USB memory. Use common areas where few others have access.
- Always remember to lock or log off your PC when you leave it.
- Your user ID in the systems is personal and must never be shared with others.
- Keep your passwords secret.
Download a poster with these tips (pdf) (in Norwegian).