Docs and Info Privacy Policy Terms of Service Contact Us About

Researcher Guide

This guide describes relevant steps on how to submit datasets to FEGA Norway for further research, data sharing and collaboration. The guide also provides a generic overview of the ethical and legal framework for the process of submission of datasets, including requirements set forth in General Data Protection Regulation (GDPR).

In the planning of submitting datasets to FEGA Norway it is essential that the ethical and legal basis are in place. This means that:

  • Submission has to be approved by REK and in compliance with the consent from the study subjects
  • The legal basis of using FEGA Norway as repository for your datasets has to be clarified with your own institution (Research support unit and/or Data Protection Officer - DPO). This clarification also include the need for a Data Protection Impact Assessment (DPIA).

When pursuing the submission process, there are some main steps to be aware of:

Data Processing Agreement between your institution and UiO as the FEGA Norway Service provider

  • Establish or document that a Data Processing Agreement (DPA) between your institution and UiO as the the host for FEGA Norway Service are in place. FEGA Norway provides a generic template for a Data Processing Agreement (DPA) available here.
  • Your Resaarch Support Unit or DPO will help you with the DPA if needed.
  • Also remember to file internally a signed copy of the DPA related to your project containing sensitive data, using the standard policy for registering documents in your institution.

Appointing a Data Access Committee to handle applications for access to your dataset and provide a Data Access Policy

  • A DAC usually contains the PI as the main contact and two to three other persons either having collaborative or participating roles in the project. Research institutions often delegate the responsibility of appointing a DAC to the PI of a research project holding sensitive data, but other internal procedures may apply. Consult your DPO if needed.
  • Establish or provide a Data Access policy to be publicly available. Here is a general example of a Data Access policy that can be used or modified for your project if needed .
  • It`s important that the Data Access policy is in compliance with your Institution's routines for handling sensitive data, including REK approval and consent from the data subject. We therefore strongly recommend you to check with your Institutions Research Support Unit or DPO before publishing the policy.

All relevant documentation mention above as part of the submission to FEGA Norway, should be filed in accordance to your institution policy.

As responsible PI for the dataset it`s important to remember that any substantial change related to the processing of data in your project, including substantial changes in your Data Management Plan (DMP), must be reported and clarified in your institution`s Research Support Unit, DPA and with REK if applicable. Remember also to make sure that your Data Access policy in FEGA Norway is updated before implementing the changes.

Institutions that has endorsed FEGA Norway

  • The Oslo University Hospital (OUH) research leadership has for all researchers at the institution endorsed the use of FEGA Norway as a means for FAIR archiving and sharing of sensitive human data for research purposes.