Skip to main content
Suomeksi
Search

Secure file storage

With these instructions, you can store your data files securely, whatever the type of data. These instructions include some specific guidance for research work, but you can apply them to your own needs. The term material refers to the data being processed, in whatever form they may be. 

Steps to store your files safely

  1. 1

    Classify your data

    Determine what kinds of documents you handle and what kind of information your materials contain, and on that basis assign an information classification to each file. Guidance is available on many pages, for example: Tampere University's Information management plan, TAMK's information management plan, Publicity and confidentiality of records, Data classification and handling. For example, in the Information Management Plan it is defined that a refined research plan of a funded research project is confidential under the Act on the Openness of Government Activities. Information may be confidential for other reasons as well.

    If your materials contain personal data, you must process and protect them in accordance with data protection regulations. If your files contain information from or about people, you are likely processing personal data. Removing personal data from datasets is difficult, and it is safest to treat anonymised data as if it still contained personal data. Pseudonymised personal data is still personal data.

    If your material contains data belonging to special categories of personal data referred to in Article 9 of the EU General Data Protection Regulation (GDPR) or data related to crimes or offences referred to in Article 10 of GDPR, the services and storage locations used must be suitable for them in terms of data security. Instructions can be found on the pages Data protection, Data protection in research, Processing personal data and Selecting storage location

  2. 2

    Select the storage location

    Select the best storage location according to the guidance at Selecting storage place. Confidential research materials under the responsibility of the University may only be processed on the University's equipment and in the University's storage locations. 

    If you have special categories of personal data:

    • Data may only be processed on a computer centrally maintained by IT Services.
    • If a student needs to process special categories of personal data, the faculty must enter into an extended resource agreement for the student and request via IT Helpdesk a centrally managed computer (similar to that of the staff) for the student.
  3. 3

    Encrypt the data

    Encrypt your data with a special program at least when the confidentiality requires so. If you process material belonging to special categories of personal data, data must be always stored encrypted with a special software. See instructions on the page File encryption.

     

Other services for storing data

Research Data Services

Research Data Services is the one-stop-shop for providing research data management services and tools for the staff and students at Tampere Universities. Our services involve the University Library’s data support, IT Services, research and innovation services, legal services, document management, and the Finnish Social Science Data Archive, which is a specialist in the management of research data. Via Research Data Services, you may reach experts specialised in, for example, research data protection and research ethics. Please see research data management guide.

Services of CSC

CSC offers Sensitive Data Desktop, a general remote access service for confidential data. It provides an isolated and secure private cloud environment that you can access through a web interface. The environment is Linux-based, and the current software selection is limited. All data processing takes place in Finland. It is also suitable for data authorised by Findata. For more information, see Sensitive Data (SD) Services for Research.

CSC's service Fairdata IDA is a safe and easy-to-use storage for research datasets and metadata. IDA can be used with multiple interfaces. The data uploaded to the services is saved into projects and the users can be affiliated with multiple separate projects. Data uploaded to IDA is also checked for malware and backed up. You can log into IDA with your organizational account and after that apply for storage space. To continuously store data in IDA, the CSC project associated with the data needs to be kept active even when the data is published. You cannot store in IDA any data belonging to the special categories of personal data.

More info on CSC's services: Docs CSC, Services for research.

Operating environments for Secondary Use of Health and Social Data

Increasingly, sensitive data can only be processed in the data provider’s own remote access environment. These include, for example, the Fiona service of Statistics Finland, Findata’s Kapseli service and the remote access environments of the wellbeing services counties. In these cases, the functionalities, and costs of using remote access platforms should be considered when planning research projects. You will need to use VPN to access Fiona. Other Finnish Operating environments for Secondary Use of Health and Social Data will work without VPN.

Termination of data processing

Often, the processing of different data is subject to conditions set by the donor of the material or due to regulation. For example, the storage period of data containing personal data is limited. On the other hand, due to the limitation of storage space, it is important to take care of either proper storage or destruction of the data at the end of active use. If you need support in planning the processing of the data, contact the Data Service: researchdata [at] tuni.fi (researchdata[at]tuni[dot]fi).

 

IT Helpdesk
0294 520 500
it-helpdesk [at] tuni.fi (it-helpdesk[at]tuni[dot]fi)
helpdesk.tuni.fi

Published: 19.10.2022
Updated: 12.6.2026
Print this page