Personal Data and Confidentiality

Data that contains personal information has to be handled according to certain regulations.

Note that:

  • all handling of personal data must be registered in Personal Data Lund University (PULU).

Register in Personal Data Lund University (PULU)

  • informed consent is usually a requirement when you collect personal data. Read more about personal data and data protection on the Lund University Staff Pages.

Lund University Staff Pages.

  • sensitive information such as interviews (audio files and transcriptions), survey responses, and consent documents, should be stored in a secure location. For example, use a strongbox or on secure server space.

It must be decided how codes, de-identification of data, and encryption keys are to be managed.

The new General Data Protection Regulation (GDPR) that took effect on the 25th of May 2018, sets stricter requirements on how personal data may be managed at the university. The team that has worked to prepare the university for this transition, has compiled an FAQ that addresses many practical implications of the regulation.

General Data Protection Regulation (GDPR)

FAQ that addresses many practical implications regarding GDPR

Data Protection Officer (DPO)

For questions regarding handling of personal data, please email dataskyddsombud [at] lu [dot] se