The project manager shall ensure that directly identifiable and de-identified research data are not sent by email, see the Norwegian Data Protection Authority's website about social security number (only in Norwegian) and the information security guidelines on Storing, sending, sharing and deleting and Use of email (only in Norwegian).
If you have to send a research file (with identifiable and de-identified data) and connection key via email, it must be secured using gpg4win, which is integrated in the email program (e.g. macOS Mail or Outlook), and secure identification of the recipient (you need the data recipient's public gpg/pgp key). You can find more information about the software here. You can go to IT Support (BIT) software and hardware page for more information. See also How to encrypt file (only in Norwegian).
For use of email in connection with health information, see the guidelines for using portal solutions, sms and email (only in Norwegian).
For security reasons, HiOA staff can no longer receive zip files, see other solutions Transfer of files and security level.
Research data must not be stored on the internet, see the information security guidelines on Processing information in cloud solutions (only in Norwegian).