Skip to Content



Health, Safety and Environment / Safety

Privacy Procedures

Personal data may include images, videos, audio or text. Anyone processing information about others must familiarize themselves with, and follow, the legal requirements for this.

GDPR - what does it mean to you?

Wondering what GDPR has to say to you in your everyday life? (in Norwegian only).  See website about what to be aware of when processing personal information and links to useful information and courses.

Protection of privacy statement

This privacy statement (In Norwegian only) concerns how HiOA collects and processes personal data. 

Notification requirement and concession 

The processing of personal data must be registered or conceded, unless otherwise prescribed by laws or regulations.

Data Protection Officer

From 01.03.2017, HiOA has got its own Data Protection Officer for Administrative Processing (In Norwegian only). The Data Protection Officer will receive notification formes on administrative processing and is a resource person who will help strengthen HiOA's handling of privacy issues.

Data processing agreement

If certain parts of the processing have been made the responsibility of external companies (data processors), a data processing agreement  must be signed. The UH-sector has made a proposal for data processing agreement under new privacy legislation (GDPR, which will enter into force on 1  July 2018). Here is an english version too. This data processor agreement template is to be used, but has to be customized in each case. There is also made a checklist for data processing agreements (in Norwegian only).The checklist can be used for the quality assurance of data processing agreements offered by providers of cloud services or other types of online services.

It is your responsibility to ensure that the agreement is in place. The data processing agreement must be filed in P360. See procedures for document management and the Norwegian Data Protection Authority's guidelines for data processor agreement.  Case number must be communicated to the Data Protection Officer

Sensitive personal information

What is sensitive personal information (in Norwegian only) is defined in the Norwegian Personal Data Act.

Access to information and disclosure requirements

All those registered are allowed access to their personal data (In Norwegian only). HiOA has a disclosure requirement in relation to these individuals. Personal data must be sufficiently secured.

More information about protection of privacy on webpage