You must have a legitimate purpose every time you process personal data. Personal data protection legislation provides the necessary authority to register and process the data required to manage employment conditions.
Personal data protection legislation distinguishes between three categories of personal data: sensitive personal data, CPR (civil registration) numbers and ordinary personal data:
1. Sensitive personal data concerns: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and data concerning health and sexual orientation. It also includes genetic and biometric data.
In general, you may not obtain, register or process sensitive personal data without informed consent. Data relating to health may be processed without informed consent if this is necessary in order for the university to fulfil its obligations, e.g. in relation to the Danish Act on Prohibition of Discrimination on the Labour Market (Forskelsbehandlingsloven) and the Danish Act on Benefits in the Event of Illness or Childbirth (Sygedagpengeloven).
2. CPR (civil registration) numbers are considered to be ordinary personal data and may be used as reference numbers. Civil registration numbers may not be made public.
3. Ordinary data concerns all other data, e.g. name, address, telephone number, date of birth, title, family status, residence, salary, vehicle and citizenship.
You have a duty of confidentiality with respect to the confidential data to which you have access in the course of your work. You may speak generally about your work assignments, but you may not discuss individual persons’ data with unauthorised parties. In accordance with the Danish Public Administration Act, data concerning individual persons’ private circumstances, including financial conditions, is confidential.
In an HR context, your duty of confidentiality primarily concerns:
You are not permitted to disclose, either orally or in writing, information concerning pending or concluded personnel cases to unauthorised parties, colleagues or managers who do not have work-related grounds to receive such information. You are permitted to reveal that an employee has resigned.
If you are in any doubt as to whether you are entitled to disclose information concerning employees in a specific case, you should clarify this via dialogue with your immediate supervisor.
Your duty of confidentiality does not cease when your employment at AU ends, cf. the provisions of the Danish Penal Code (Straffeloven).
As a public body, the university is permitted to use civil registration numbers to identify employees, as well as when corresponding with other government agencies and institutions. But it’s important that the exchange of civil registration number data takes place on a secure basis.
It is considered secure to send civil registration numbers within our own network via email addresses ending in “au.dk”. If you send data outside AU’s network, it must be sent securely, e.g. encrypted or via e-Boks. You should always consider whether it is necessary to use a person’s civil registration number. Often, an AU ID will be sufficient.
In many cases, in its capacity as a public body, the university is both entitled and obliged to disclose data concerning individual persons. This may include sharing information on employee absence with the municipality in connection with applications for reimbursement of parental leave benefit or sick leave benefit, or applications for leave. The university is likewise obliged to disclose income data to SKAT (the Danish Customs and Tax Administration).
The university is also obliged to disclose any salary information to union representatives/trade unions which is necessary for the union representatives/trade unions to undertake salary negotiations. This means that you may send salary data, but not civil registration numbers, to the union representatives. If there are several people with the same name in one unit, you may use their AU ID.
All data must be stored in secure IT systems to which access is only permitted with an allocated password.
You may only search for and work with the personal data that is relevant for the work tasks you have been assigned. This means that you may not obtain data concerning individuals that you do not, by virtue of your work assignments, require information about. This also means, for example, that you may not access your own data in WorkZone.
As a secretariat staff member, you have access to a number of systems containing personal data. In addition to observing the duty of confidentiality, you must comply with AU’s information security policy, including:
In accordance with AU’s information security policy, you must ensure that the personal data which you use is stored, transported and protected securely, so that the risk of disclosure of the data to unauthorised parties is minimised as far as possible. This applies regardless of whether the data is in paper form (hard copy) or on electronic media. You must ensure that the data is not retained for longer than is necessary for processing the specific case. It is permitted to store documents that have been made anonymous.
Work-related injury, illness or accident cases may only be registered and processed in AU HR, Development and Work Environment. You may not merge or mix personnel cases and work-related injury/illness cases.
Personal data in hard copy (paper) must be kept under lock and key when not in use (i.e. in a locked filing cabinet or office). Documents containing personal data may not be shared with others unnecessarily.
Documents must be shredded immediately when the data is no longer required for the purposes for which it was collected. Documents with salary details and other data related to employment cases must be shredded following final approval of the appointment. Documents relating to personnel cases must be shredded following final conclusion of the specific case.
Relevant information in paper documents must be filed before deletion on the conclusion of the specific case. All personnel documents must be deleted following an employee’s resignation.
When you send emails containing personal data, you must use the following text in your email signature:
“Please note that this email contains personal data. This means that you must ensure that the personal data cannot be accessed by anyone else without good reason, and that the personal data is deleted immediately when it is no longer required in relation to the purpose for which it was sent.”