Information management for researchers

The information in the storage table based on information classification should be followed: https://www.hb.se/en/staff/for-my-work/it-services/file-management/storage-rules/

In general, the best way to share files with internal parties is to use the university's internal file server, G: The advantage of using G: is that the university has its own backup of the content, making it easy to restore if necessary. A prerequisite for a person to use G: is that they have an account and a computer from the University of Borås. G: can be accessed outside the campus if you have a computer managed by the University with VPN installed. VPN can be ordered via it@hb.se if the person is not already using a VPN.  

If the information to be shared on G: contains confidential information, sensitive personal data, or personal data meriting extra protection, a folder must be used where only those authorised to access the information have access. Such a folder can be ordered from it@hb.se and normally does not involve any additional cost. When ordering, state that the folder is to be used for research material, the desired name of the folder, and the signatures (e.g. MATI) of the people who should have access to the folder.

If the information does not contain confidential information, sensitive personal data, or personal data meriting extra protection, nor information critical for university/departmental functions, Teams can be used by ordering a team from IT. For more information about Teams, follow the link below: https://www.hb.se/en/staff/for-my-work/it-services/programs/microsoft-teams/ In addition to sharing files, you can also chat in the team and co-edit documents.

Another way to share non-sensitive information is to share files in Microsoft OneDrive. For more information see: https://www.hb.se/en/staff/for-my-work/it-services/file-management/onedrive/

If the information does not contain confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions, Teams can be used by ordering a team from IT. For more information about Teams, follow the link below: https://www.hb.se/en/staff/for-my-work/it-services/programs/microsoft-teams/ In addition to sharing files, the team can also chat and co-edit documents.

Another way to share non-sensitive information is to share files in Microsoft OneDrive. For more information see: https://www.hb.se/en/staff/for-my-work/it-services/file-management/onedrive/

If the information to be shared with external parties contains confidential information or sensitive personal data, or personal data meriting extra protection, it is necessary to contact dataskydd@hb.se to discuss appropriate solutions.

Files containing confidential information or sensitive personal data, or personal data meriting extra protection, must be encrypted using AES-Crypt software before being sent. Note that the recipient also needs to have the software installed to be able to decrypt the files. For more information see: https://www.hb.se/en/staff/for-my-work/it-services/it-security/encryption-of-files/

Remember to set a long password (at least 16 characters) and that the password must be communicated to the recipient by means other than email, such as a phone call or text message. It is also important that the recipient saves the unencrypted files in a safe place where only authorised persons have access.

If the interviews will deal with confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions, the recording needs to be handled securely.  

If interviews are conducted digitally, an encrypted Zoom meeting should be used. For more information, see: https://www.hb.se/en/staff/for-my-work/it-services/it-security/encryption-of-zoom-meeting/

If the interviews are conducted in person, it is a good idea to use a recording device with an encryption function. Keep in mind that the password is critical to remember: if you forget it, you will not be able to access the audio files! We therefore recommend that you move the audio files as soon as possible and put them unencrypted on a secure storage area, e.g. your own storage area on the university's file server F: or another approved place in accordance with the university's storage rules: https://www.hb.se/en/staff/for-my-work/it-services/file-management/storage-rules/

If a recording device without encryption is used, it is particularly important to be careful in your use of the recording device so that no unauthorised person can access the recordings. This can be done, for example, by keeping the recording device locked in somewhere when not in use and by moving the files immediately to secure storage and then deleting them from the device.

Keep in mind that recording using a mobile phone means that information is stored in the cloud, which is not an approved storage location for confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions, according to the university's storage rules.

The university offers a tool, Sunet Survey, to send out surveys to respondents. For more information see: https://www.hb.se/en/staff/for-my-work/administrative-support/systems/sunet-survey/

Note that if the survey will deal with confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions, multi-factor authentication needs to be activated for the survey in question. This can be ordered via dataskydd@hb.se

The university offers a service for both automatic and manual transcription, Sunet Speech-to-Text.

Please note that this service is only approved for use if the transcript does not contain confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions.

When using an external transcription company

Keep in mind that the transfer of audio/video files needs to be done securely if the files contain confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions. See for example how to email files containing sensitive information above. Another option is to send an encrypted USB stick with the files in a registered letter to the recipient.

If the files do not contain confidential information, sensitive personal data, personal data meriting extra protection, or information critical to university/department functions, the files can be emailed, shared in Teams, via Microsoft One Drive, or Box.