As a university employee, you probably work with personal data. That is not just names and telephone numbers – it can also include things like cookies. How can you make sure you are working in a privacy-proof way?

If your research project involves collecting private or otherwise sensitive data, you must ensure adequate data protection measures are taken. Research must be conducted in accordance with the General Data Protection Regulation (GDPR). In terms of patient data, for instance, when used for research carried…

Individuals have the right to instruct the university to delete their personal data in a number of cases. For instance, if the university no longer needs the data, or if the person withdraws consent previously given.

As an employee of Leiden University, you probably work with or come into contact with personal data. The concept of ‘personal data’ is core to the General Data Protection Regulation (GDPR). If you work with personal data, you must be able to explain clearly, comprehensively and in simple language how…

Security

Organisation

Organisation

Any loss of control over stored personal data constitutes a potential data leak. In most cases this concerns stolen (or lost) digital files, but a stolen (or mislaid) printed list containing personal data also represents a data leak. It is important that you report any data leak.

A data processing register is a record of which personal data you process and who you share this data with. If you collect personal data for your research, you must record this in the data processing register.

If you bring in a (new) person who will be processing personal data for you, this person is not allowed to use this information for his or her own purposes. You need to formalise this in a data processing agreement. The university will usually have an agreement in place.

We are all responsible for data protection. To keep (personal) data as secure as possible, the university has established an information security policy.

Are you handling personal data just once, for instance when taking the minutes of a meeting or organising an employee outing? You do not need to include this use in the data processing register if you stick to the following conditions.

Your options for data storage may vary depending on factors such as size and sensitivity of the data or collaboration with partners outside the university. We are all responsible for data protection. To keep (personal) data as secure as possible, the university has established an information security…

Handling student data is a necessary part of your work as teacher or invigilator.

As a standard, your workplace comes equipped with a limited amount of disk space. We offer a number of options for extending your disk space. In addition, ISSC can help you recover lost files. You can also securely store your files in the cloud via OneDrive and Teams. Whichever storage you use, be aware…

Do you have questions about data management? Please contact the data stewards:

If you have a mobile device such as a smart phone or tablet that you purchased privately but also use for work-related purposes, it is important that you save your documents securely and deal responsibly with confidential information.

Universities, companies, organisations and societies are increasingly facing enormous quantities of data. It is a great challenge to transform these Big Data into knowledge, which is why Leiden University has launched a University-wide Data Science Research Programme.

Every faculty has local support for instructors and students that work with Brightspace

Research

Contact your Faculty’s uSis functional manager for any questions about or applications for a uSis profile or account.

For each university unit, the ICT Shared Service Centre (ISSC) has an appointed ICT contact person responsible for applying for ICT facilities for research, teaching and operational management.

For each university unit, the ICT Shared Service Centre (ISSC) has an appointed ICT contact person responsible for applying for ICT facilities for research, teaching and operational management.

If you have a guest or visitor who needs access to the network drives or a ULCN account, you can have him or her registered in the guest management system (GMS) via your GMS contact person.

Workshop

Workshop

Workshop

Lecture

The University Teaching Qualification (UTQ) is proof of the competence for University teaching staff. If you are a lecturer, assistant professor, associate professor and professor with an appointment of 0.5 FTE or more and have been working at the University for a year or more, you must earn the UTQ.…

A data processing register is a record of which personal data you process and who you share this data with. If you collect personal data for your research, you must record this in the data processing register.

Didactics, Didactics

Organisation, Security

Lecture

Security

ICT, Security

Education

If you handle personal data, there are a number of legal grounds on which this can be done. One example involves obtaining consent from the person in question, also known as 'informed consent'. This informed consent must adhere to several requirements.