GDPR and document managament
Our processing of personal data is governed by the General Data Protection Regulation. It states that there must be a clear purpose and it must be necessary, lawful and protected.
GDPR contact person at IOB is Karin Lundberg.
- Inform Karin if you process personal data.
- Only collect personal data if there is a clear and specific purpose.
- Store the data on University servers. Do not store and transport personal data on memory sticks, hard drives and laptops.
- Handle personal data on paper with care.
- Minimize personal data in e-mails.
Uppsala University, as a public authority is governed by a number of laws and regulations demanding that archives and public records are kept in good order with transparency and traceability in mind. In order to ensure an efficient public record, data need to be stored in a structured way and that’s why the plan for managing data has to be taken into consideration in early stages of the project i.e. already when applying for the funds.
Research material produced within the University is regarded as official material, regardless of research funding body and that is why storage is essential in ensuring that the principle of public access as stated in Freedom of the Press Act is applied.
Data Management Plan shows how data generated in a research project are handled, organized, structured and stored. It can be downloaded here: Data Management Plan
- A DMP should be established at the beginning of a project and be regularly updated as the project develops.
- The data management plan should be registered in the diary, the draft preferably with the application for the project and the updated versions of the plan as the project develops.
The responsibility of the project leader is to:
- establish and maintain good management of research data in accordance to Good Research Practise and FAIR principles (Findable, Accessible, Interoperable, Reusable data)
- ensure that digital material is stored safely with consideration for back-up processes that ensure protection of the material from damage and digital preservation over time
- inform project staff and students about relevant guidelines and routines set up at the Department.
In order to ensure that official documents are kept in order and stored safely data should be stored in accordance to storage solutions available at Uppsala University alternatively some external providers that meet the criteria for safe data storage and according to routine for storage that exists at the Department.
For more information on research data and storage of data see MP
What must be archived?
Uppsala University is obligated to archive public records, irrespective of medium, from its activities. The authority records must reflect the activities and is, in accordance with the Public Records Act, part of the national cultural heritage.
Arkivlagen säger att alla myndigheters arkiv skall bevaras, hållas ordnade och vårdas så att de tillgodoser:
The Public Records Act states that all authority records must be conserved, ordererd and curated to it acommodates:
- the right for citizens to access public records
- the need for information to the juricadure and the administration
- and the requirements of research.
Retention and disposal schedule for research material
- Authorship in DiVA - the university publication database
- Preservation and disposal schedule for research material
- Instructions for project data storage
- Data Managment Plan
- Routine description for document management
- The Nagoya Protocol - on Access to Genetic Resources and the Fair and Equitable Sharing of Benefits Arising from their Utilization