Personal Data and Confidentiality
Data that contains personal information has to be handled according to certain regulations.
- all handling of personal data must be registered in Personal Data Lund University (PULU).
- informed consent is usually a requirement when you collect personal data.
- sensitive information such as interviews (audio files and transcriptions), survey responses, and consent documents, should be stored in a secure location. For example, use a strongbox or on secure server space.
It must be decided how codes, de-identification of data, and encryption keys are to be managed.
The new General Data Protection Regulation (GDPR) that took effect on the 25th of May 2018, sets stricter requirements on how personal data may be managed at the university. The team that has worked to prepare the university for this transition, has compiled an FAQ that addresses many practical implications of the regulation.
Data Protection Officer (DPO)
For questions regarding handling of personal data, please email dataskyddsombud [at] lu [dot] se