Home
Faculty of Psychology

Internal control of personal data in research

Statutory requirements for an internal control system of personal data are prescribed in the Personal Data Act, §14. Internal control deals with systematic work to ensure that personal data is processed legally, in a sound and secure manner.

Main content

The Norwegian Data Protection Authority is an independent administrative body which shall inspect and verify that statutes and regulations applying to the processing of personal data (the Personal Data Act) are complied with.

At UiB Rector and the University Director have the overall responsibility for all processing of personal data in research (the data controller).

However, anyone processing personal data at UiB is responsible for familiarizing themselves with the rules and routines that apply to processing such data and to make sure that any errors or deficiencies are reported to the data controller and rectified.