Most of the research at RITMO involves research on/with humans. In most cases, we, therefore, need to think about privacy in our research. UiO has detailed guidelines for researchers and project managers that deal with personal and sensitive data.
What is personal data?
In the most basic terms, personal data is any piece of information that someone can use to identify, with some degree of accuracy, a living person. This includes a name, photo, a video recording, and in many cases an audio recording.
What is sensitive data?
Sensitive data is a specific set of data that must be treated with extra security. This includes information pertaining to ethnic origin, political opinions, religious beliefs, genetic data, and biometric data.
What is GDPR?
The General Data Protection Regulation (GDPR) is a EU law that governs how organisations process personal data. The law has also been implemented in Norway, so all our activities need to comply with GDPR.
Notifying NSD
The Norwegian Centre for Research Data (NSD) is a national archive and center for research data. All student and research projects at UiO that process personal data must be notified to NSD. Information from UiO on notifying NSD. The project must be notified to NSD no later than 30 days before data collection begins.
Privacy checklist
- Identify if you will collect personal and/or sensitive data. This will inform the rest of your decisions.
- Create a DMP and notify NSD
- Follow UiO's storage guidelines