You are here: Information Security Data protection (GDPR) General information 5 tips for handling personal data

5 tips for handling personal data

Here you can find 5 tips on how to clean up and ensure that you do not store personal data which you are not allowed to store.  


1. Clean up your mailbox

Below are some guidelines for cleaning up your mailbox. Find the category that best matches your situation, and follow the guidelines.

Read about how to handle email as an employee at AU. 


A. I have “no” personal data

You may be a researcher who does not conduct research using personal data, or an employee without personnel responsibility.

Note that, even if you do not work with personal data, you may still have personal data in your mailbox that should be stored elsewhere or deleted, because you are no longer storing the data for a purpose. Search for: 

  • Emails with notification of illness from colleagues: search for illness, child's first day of illness etc.
  • Emails concerning appointment committees: search for application, CV, CPR no. etc.
  • Emails about working hours, including holiday: search for holiday, leave, time off in lieu etc.
  • Emails about salary: search for salary, supplements etc.
  • It is also a good idea to search for emails sent from your HR partner and union representative. 

You are allowed to send and save so-called neutral mails in your inbox.

Neutral mails are defined as mails which include no personal information other than the names of employees referred to in connection with their professional role in a case or project. General or concrete anonymised guides, meeting minutes, course material, general projects, etc.


B. I have some personal data

You may be a researcher who carries out research using a small amount of personal data, an employee with personnel responsibility, a PA or secretary, case officer or union representative.

Consider whether you have personal data in your mailbox that should be stored elsewhere or deleted, because you are no longer storing the data for a purpose. Search for:

  • Emails about hiring, termination of employment, summary dismissal: search for application, CV, CPR no., contract etc.
  • Emails with notifications of illness: search for illness, child's first day of illness etc.
  • Emails about working hours, including holiday: search for holiday, leave, time off in lieu etc.
  • Emails about salary: search for salary, supplements etc.
  • Emails about right of access to documents
  • Emails with extracts of personal data from IT systems and Office applications
  • It is also a good idea to search for emails sent from your HR partner and union representative. 

You are allowed to send and save so-called neutral mails in your inbox.

Neutral mails are defined as mails which include no personal information other than the names of employees referred to in connection with their professional role in a case or project. General or concrete anonymised guides, meeting minutes, course material, general projects, etc.


C. I have a lot of personal data

You may be a researcher who carries out research using a lot of personal data, an employee in the HR or studies administration area, a case officer or system administrator.

Consider whether you have personal data in your mailbox that should be stored elsewhere or deleted, because you are no longer storing the data for a purpose. Search for:  

  • Emails with research data. Has the work using the personal data been completed? Must the personal data be filed?
  • Emails about hiring, termination of employment, summary dismissal: search for application, CV, CPR no., contract etc.
  • Emails with notifications of illness: search for illness, child's first day of illness etc.
  • Emails about working hours, including holiday: search for holiday, leave, time off in lieu etc.
  • Emails about salary: search for salary, supplements etc.
  • Emails about right of access to documents
  • Email about cases: search for case number or keywords such as document fraud, illness, copying, theft etc.
  • Emails with extracts of personal data from IT systems and Office applications
  • It is also a good idea to search for emails sent from your HR partner and union representative. 

You are allowed to send and save so-called neutral mails in your inbox.

Neutral mails are defined as mails which include no personal information other than the names of employees referred to in connection with their professional role in a case or project. General or concrete anonymised guides, meeting minutes, course material, general projects, etc.

2. Clean up network drives

Read about storing data on network drive (U drive)

3. Clean up your desktop on your computer

Many of us have the habit of letting the documents we are working with be displayed “temporarily” on the computer's desktop, so that they are easy to open. The problem is that the desktop quickly becomes unmanageable, and that documents with personal data are easy to find if someone gets access to your computer.

  • Do not have any documents with personal data on your desktop, C drive or external drives such as USB flash drives and external hard drives.
  • Make sure that your files have a fixed and secure location from the outset.
  • Always keep your computer locked with a password when you leave it.

        

4. Clean up your physical desk

Do you print documents that need to be read carefully? If you do, please be aware that documents containing personal data lying on your physical desk, in an unlocked drawer or displayed on a noticeboard can easily be stolen or lost.

  • Make sure that printed documents containing personal data that is to be retained are securely locked in a secure archive room.
  • Be sure to shred printed documents with personal data that you no longer use.

5. Clean up your mobile devices

Make sure that no personal data is stored on your smartphone, tablet and/or laptop computer, as this may present a security risk if a device is lost or stolen.

        


1443310 / i40