4.1.4 Archiving - Privacy by design

The concept of privacy by design, or built-in integrity, is based on letting integrity issues affect the entire life cycle of the system, - from preliminary studies and requirements through design and development to its use and decommissioning. Some basic principles of privacy protection are not to collect more information than needed, not to keep it longer than one needs to, and to not use it for anything other than what you have collected it for. Informing the data subject of how the data is to be processed, requesting consent and allowing for transparency in management are also parts of the safeguards of integrity.

Privacy by design is part of the requirements archives demand from the development of a new IT service. The requirements are made to enable the archiving of public records deemed to be in a preservation or erasure investigation and, also so that the records not deemed fit for preservation should be erased.

Archive requirements - Some examples
  • Ability to create an archive output with information to preserve or migrate
  • Possibility of being able to distinguish information that is to be preserved from information to be erased
  • Ability to convert file format to formats suitable for preservation
  • Ability to give files unique names
  • Ability to maintain good information quality, e.g. default terms or values
  • Ability to use metadata, for example be able to distinguish documents with personal data
  • Ability to log events
  • Ability to present public records
Archiving in research in particular

Research activities are basic research, applied research and development work carried out at universities and colleges under Högskolelagen (Higher Education Act) Chapter 1. 2§ 2.  or at special research institutes or state authorities according to instruction or special assignments.

Documents are to be preserved following the provisions of Riksarkivet (the National Archives)  General Advice on the Removal of Documents in Government Authorities (RA-FS 1999: 1) if they:

  • contain basic information about the project's purpose, method and results,
  • reflect the project's context regarding, for example, economic conditions and external contacts, as well as show possible changes in focus during the course of work, and
  • are expected to have a continuing value for the research area or value for another, which is deemed to be of major scientific, cultural or personal historical value, or deemed to be of major public interest.

Examples of documents:

  • Data sets including code keys
  • Metadata (such as information contained in a Data Management Plan)
  • project applications
  • Decision on funds
  • Ethical Review Documents
  • Survey and interview forms
  • Reports, Publications and doctoral theses

In addition to the afore-mentioned examples, the documents must also be preserved to help give a good understanding of what has happened during the project and how the material is to be interpreted.