• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Digipedaohjeet

Digipedaohjeet

  • Suomi
MENUMENU
  • Home
  • Planning
        • Planning and administration of teaching
          • Digipedagogical tips for everyday e-learning
          • Design quality for module implementation
          • Show all
        • Module implementation plan
          • Design quality for module implementation
          • Quality criteria for module implementations
          • Storyboard for module implementation
          • Blueprint for module implementation
          • Feedback and development
          • Show all
        • Planning and building Moodle workspace for module
          • Learning activity or assignment template
          • Show all
        • Planning online meeting
          • Logging in to HAMK’s Zoom
          • Zoom Online Meeting Service
          • Zoom LTI Pro Activity in Moodle
          • Show all
  • Teaching and guidance
        • Online teaching and studying
          • Digipedagogical tips for everyday e-learning
          • Log in to HAMK Services
          • Quality criteria for module implementations
          • Show all
        • Online meetings
          • Log in to HAMK Services
          • Zoom Online Meeting Service
          • Joining a Zoom meeting
          • Adding Zoom Activity to the Moodle Course Area and Scheduling Meetings (Fall 2020>)
          • Zoom LTI Pro Activity in Moodle
          • Show all
        • Online exams
          • EXAM for electronic individual exams and maturity tests
          • Show all
        • Learning platforms
          • Moodle: Student’s Guide
          • Moodle’s assignments
          • Moodle’s discussion forums
          • Zoom Online Meeting Service
          • Show all
        • Online teamwork
          • Moodle’s discussion forums
          • Show all
        • Communication
          • Moodle’s discussion forums
          • Show all
        • Data protection
          • Short check list for processing personal data
          • What is personal data and specific (sensitive) personal data?
          • Filming and photography permits in teaching
          • Privacy Protection of Zoom
          • Data protection – informing the data subject
          • Show all
  • Content production
        • Video production
          • Kaltura Video Platform
          • Kaltura’s upload and share your video
          • Show all
        • Questionnaires
          • Webropol-survey and reporting tool
          • Show all
  • Content sharing
        • Sharing content
          • Kaltura’s upload and share your video
          • Funet FileSender file sharing service
  • ⬅

What is personal data and specific (sensitive) personal data?

Kuuntele

What is personal data and specific (sensitive) personal data?

Article sections


    Kuuntele

    Definition of personal data

    The processing of personal data often raises questions about what personal data and specific (sensitive) personal data is. This text approaches these issues from the perspective of the General Data Protection Regulation.

    According to Article 4 of the EU General Data Protection Regulation, personal data ‘means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.

    As for the data archive, it divides the material containing personal data into three groups:

    1. Materials containing direct identifiers (or immediate identifiers)
    2. Materials containing strong indirect identifiers
    3. Materials containing indirect identifier

    Direct identifiers for individuals

    Direct identifiers are such that can be used to directly identify a person. These include for instance the following:

    • Name
    • Social security number
    • Photograph including the person’s face
    • Biometric identifiers (e.g. fingerprint, iris)
    • Name specific email address

    Strong indirect identifiers of individuals

    A strong indirect identifier refers to an identifier which allows a limited number of individuals to identify a person unambiguously. Strong indirect identifiers include for instance the following:

    • Bank account number (Bank employees can unambiguously identify the person)
    • Computer IP address (The IP address can be used by people monitoring the network to determine to whom the computer belongs)
    • Student number (the student number allows the employee to conclude the student’s identity)
    • Various customer numbers
    • Phone number
    • Vehicle registration number
    • Postal address
    • Unusual professional title
    • Position that a single person may hold at a time (e.g. President of an association)
    • Rare disease

    Indirect identifiers

    Indirect identifiers can typically be combined to identify a person. This involves the processing of personal data. Thus, a single piece of information is not sufficient to identify a person. For instance, by combining a person’s place of residence, age, gender and occupation, it may be possible to identify the person. There are plenty of indirect identifiers, for instance:

    • Age, sex, ethnic background
    • Revenue, household size, marital status
    • Municipality of residence, postal code
    • Birth date, date of death, time of the incident
    • Profession, workplace contact information, employer

    When processing personal data, it should be noted that in smaller environments (e.g. at the workplace) the person’s age itself may indicate who is concerned. In this case, the indirect identifiers are the workplace and age.

    Special categories of personal data (sensitive)

    Special categories of personal data (“sensitive personal data”) is personal data indicating the person’s (Article 9):

    • Racial or ethnic origin
    • Political opinions
    • Religious or philosophical beliefs
    • Trade union membership
    • Processing of genetic or biometric data for the unambiguous identification of a person
    • Health-related information
    • Information on the sexual behaviour and orientation of a natural person

    The processing of particular sensitive personal data is prohibited unless there are grounds for this in legislation (more details in Article 9).

    A social security number is not a particular item of personal data, but the Finnish law defines the situations in which it may be used.

    Last Updated: 3 years ago
    in Privacy protection
    Tags: Data protection
    Oliko artikkeli hyödyllinen?

    Related Articles

    • Classification of information
    • Zoom privacy policy
    • Data protection concepts
    • Webropol-survey and reporting tool
    • Privacy Protection of Zoom

    Footer

    Häme University of Applied Sciences
    (HAMK) / PO Box 230 13101 Hämeenlinna Finland
    03 6461
    HAMK@HAMK.FI

    Privacy policy
    Cookies
    Takedown request
    Accessibility summary
    Site map

    cc-lisenssi

    This material is CC licensed Attribution-ShareAlike 4.0 International.