Information security - local - VDI/CryptShares

Rules specific to the Department

1. Personally identifiable data requires registration in the record (data protection permit) from the Data Protection Unit.

Regarding the record, the Data Protection Unit may be contacted at:


Phone: 8715 3205

Information and forms for the record may be found here: The record

2. Personally identifiable data requires data processing agreements, etc., from the Technology Transfer Office (TTO), which is AU's contract unit.


Phone: 8715 3205

Information regarding data processing agreements may be found here:

Data processing agreements

3. Data must be stored on an IFS CryptShare, which may be ordered from the Department's data manager unit.

Order form (in Danish)

  • The drives store data using centrally controlled encryption
  • The drives fully log all activity
  • The drives are backed up with encryption, including version backup
  • The drives require that each user is individually approved
  • The drives require that each computer is individually approved
  • Mapping or synchronisation of these drives is prohibited
  • Data may only be removed from a drive after anonymisation has been checked

4. Specific rules apply regarding access to Statistics Denmark via the Department. You may read the rules here:

Statistics Denmark via the Department

5. You may work on the data using

  • A virtual Aarhus University (AU) computer - VDI - (the primary solution from your own computer). VDI makes it possible for employees, students and external individuals to collaborate
  • An AU computer using AU's central encryption and which has a special approval for a particularly demanding purpose.

6. The Department continuously offers courses (in Danish) on data security, rules and policies (VDI and Statistics Denmark)

7. Off-boarding

  • Closing of access to projects at project end
  • Closing of access to project at project change

If you have any questions, please contact the data management unit or the Department management team