What do I have to give information about?
The Personal Data Act does not set requirements as to whether information is given verbally or in writing, however in many cases written information can benefit both researcher and sample. It is common to write a letter of information where you ask for participation and give information about the project.
We recommend that you use our example of an information letter as template.
The information given to gain an informed consent must at least include:
- an introduction including a request for participation
- which methods are to be used in gathering data, and what these methods entail for the participant
- which institution is data controller
- contact information of the researcher (or alternatively of the student and the supervisor)
- the purpose of the project and what the information will be used for
- that participation is voluntary and that the participants may withdraw their consent as long as the project is in progress, without stating the reason
- when the project will be completed and information about what is going to happen with personal data at that point; whether it will be erased anonymised or stored
It can also be relevant to give information about:
- that the information will be kept confidential
- who will have access to identifying personal data
- that the project has been reported to the Data Protection Official for Research at NSD - Norwegian Centre for Research Data (or that the project has been granted a license by the Data Protection Authority if that is the case)
- if an institution (hospital, school, NAV, etc.) conveys contact with the sample, this should be made explicit, and it should be emphasized that the researcher/student does not know the identity of the persons invited until they agree to participate
- for patients, clients and persons with impaired consent capacity it must be stated that if they decide not to participate in the project, or if they later decide to withdraw, this will not affect their relationship with their doctors/therapists or others
- if the information is obtained from sources other than the research participants themselves (registers, records, etc.), they must be informed which information is collected and from where
- that parents/guardians have the right to pre-check questionnaires/interview guides before they are handed to a minor
- handling of confidentiality, storage (in what form the information is stored; directly identifiable or de-identified
- if personal data is to be stored after the project is completed, the purpose of further storage must be explained (for example, follow-up studies), for how long personal data will be stored, and the date for when the data will be anonymised or deleted
- whether personal information will be revealed to others, and if so, to whom
- whether personal data will be transferred abroad, and if so, where and why (if information is to be extradited to countries outside the EU, it should be informed that the country does not have data protection laws that are considered satisfactory in the European context)
- who finances the project