How to involve the Data Protection Officer at UNN


About the role of the Data Protection Officer 

The main task of the Data Protection Officer is to ensure that UNN complies with laws and regulations concerning privacy and processing of personal data. Other key tasks include: 

  • Informing, monitoring, and advising to ensure that all employees comply with privacy regulations. 
  • Receiving inquiries and assisting patients in protecting their privacy rights. 
  • Serving as a liaison to the Norwegian Data Protection Authority. 
  • Providing guidance and approval for research and quality projects. 
  • Advising on privacy impact assessments for the processing of health and personal data. 
  • Providing guidance and training in privacy and information security. 
  • Following up on data processor agreements. 

Internal users can find further information on UNN's intranet

How to involve the Data Protection Officer at UNN? 

All projects covered by this guidance must be registered in the UNN Research and Notification Register before starting, and there must be a recommendation from the Data Protection Officer (DPO) before starting the project. This applies to both internally anchored projects at UNN and externally anchored projects, as long as health data from UNN is used or part of the project is carried out at UNN. Notification to the Data Protection Officer must be sent well in advance of the planned start of the project, using the following notification form. This is done via the following registration form

​Guidance for completing the electronic registration form

Creation of a new project in the UNN research and reporting register takes place when the project manager submits project information via an electronic form. This form takes approximately 10-30 minutes to fill out. It consists of several parts that are submitted separately. When filling in the registration form part 2, the work can be saved during the process so as to work on later (NB. Part 2 must be actually be started in order to continue the work later). The message will only be sent to the data protection officer at UNN when you have filled in the "date/signature" form. You will then receive a registration receipt by e-mail. 

For guidance and help with filling in the form  and other queries regarding privacy in research and quality projects: Contact PVO by e-mail: personvernombudet@unn.no

You can find more information here 


​General information about the role of the data protection officer ​

(excerpt from:  Veileder i personvern og informasjonssikkerhet i forskningsprosjekter)​ 

Data Protection Officers and research support units have valuable expertise that should be utilized in all phases of a research project. The organization and division of work between the Data Protection Officers and research support units should be specified in governing documents for each institution. 

During the planning phase, it is a good idea to present the project to the organization's Data Protection Officer or research support unit, who can provide valuable input and advice for the processing of health and personal data in the project. If it is difficult to determine what type of project is being discussed, the Data Protection Officer can be a very good person to start with. The Data Protection Officer can provide expertise that the individual researcher may not have in-depth knowledge of. When processing special categories of personal data, it is mandatory to consult with the Data Protection Officer, but many wait unnecessarily long before contacting this person with relevant professional competence. A consultation with the Data Protection Officer can help ensure predictability in the project and can assist the project leader in identifying challenges that need to be addressed at an early stage. 

More information can be found here. ​