Anonymous data is data that cannot identify individuals in the data set, neither directly through name or social security number,
indirectly through background variables, nor through a list of names or through an encryption formula and code/scramblilng key.
See how you can anonymise your data set.
A data controller is the institution/company/other legally responsible person who determines the purposes,
conditions and means of the processing of personal data. The data controller may be a university,
university college, hospital or research institute represented by their leadership.
The data controller is a formal position and involves requirements for compliance with a number of duties in the Personal Data Act.
A data processor is an external person or business that processes personal data on behalf of the data controller (represented by the project leader). The law requires that this relationship should be regulated by a data processing agreement.
Examples of a data processor can be an external (i.e. not employed at the data controlling institution) provider of online surveys, transcription service provider or an interpreter. See an example of a data processor agreement.
The data material is considered as de-identified if a person’s name, social security number or
other characteristics serving to identify a person have been removed, and replaced by number,
a code, fictitious name etc, referring to a separate list of identifiable data (a scrambling key).
Please note that indirectly identifiable personal data must also be removed or categorized into broad categories in order for a data set to be considered de-identified.
The broad categories can be defined as region instead of specified municipalities or cities, age intervals (10-19, 20-29),
rather than precise age, etc. The only way to identify individuals in a de-identified data set can be through the list of names/scrambling key.
De-identified data is considered personal data regardless of who holds the list of names, where and how it is stored.
The end of the project is the date when the purpose of the processing of personal data has been fulfilled, and data will either be anonymised, deleted, or filed in order to be included in a follow-up project etc.
A person will be indirectly identifiable if it is possible to recognize the person through background information such as place of residence or institutional affiliation, combined with data on age, gender, occupation, diagnosis, etc.
Personal data is any information relating to an identified or identifiable person. A person may be identified by name, images/video, e-mail, IP-address or a number referring to a list of names, through photo/video of recognizable faces, or through a combination of background information.
Processing personal data entails collecting, registering, storing and/or put together and hand out personal data.
If your project involves processing personal data, your project will most likely be subject to notification. Please note that the notification duty applies even though you will not be publishing personal data. The notification duty is determined by how you process personal data throughout the project. Read more about the notification duty.
A project leader is the person who has the day-to-day responsibility for the correct and proper compliance of the legislative provisions on data security and internal control. The project leader must be employed at the data controlling institution. In research projects (including Ph.d.-projects) the project leader is usually the researcher him-/herself. In student projects (B.A. or M.A.) the supervisor (in some cases the second supervisor or the course coordinator) must be the project leader. A student cannot be a project leader.
A scrambling key is a list of names or a file that makes identification of individuals possible in a data set. Creating a scrambling key entails removing names, social security number, email-address or other directly identifiable information in a data set, and replacing them with a code, a number, a fictitious name etc, referring to a separate list where each code refers to a specific name. The scrambling key should be stored separately from the data material in order to keep outsiders from gaining access to link between names and codes.
For reasons of data security we recommend the use of scrambling keys in most projects, particularly in projects that process sensitive personal data.
Sensitive personal data is information relating to racial or ethnic origin, political, philosophical or religious beliefs, that a person has been suspected, charged or convicted of a crime, health, sex life, and union membership.
Personally identifiable information about individuals other than the sample/respondents themselves is considered information about third persons. This may be directly or indirectly identifiable information (see definitions above). Information about third persons might for example be disclosed in an interview or a questionnaire (eg. if a respondent is asked about their mother or father’s education or diagnosis, or a pupil is asked about their teacher’s teaching methods).
Note that if the sample is bound by professional secrecy, this may inhibit the disclosure of third party information.