Joint Data Responsibility

At Denmark Statistics (DST), we offer users under the Researcher Scheme the option to enter into ‘Joint Data Responsibility’, which enables collaboration on a single project between two authorised institutions, where responsibility for the data is shared equally.

The project is created under one authorised institution, and users affiliated with the second authorised institution, who are to participate in the project, are linked via a user and association agreement. Both institutions must confirm via email to the contact person in Denmark's Data Portal that they wish to establish a project under joint data responsibility between [authorisation number – name of institution 1] and [authorisation number – name of institution 2] for project [project number].
In addition, it must be clearly stated in the project description that the project has been confirmed and approved for joint data responsibility between the two institutions.

Sanction Framework for Projects under Joint Data Responsibility

In the event of a breach of DST’s rules for working with microdata, institutions with projects under joint data responsibility are subject to the applicable sanction system specified for projects under the Researcher Scheme on DST’s website: Sanction Rules.

Sanctions Affect Both User and Project Simultaneously

If a breach of DST’s rules for working with microdata occurs in projects under joint data responsibility, it may result in sanctions against the user who has transfered the data. For example, DST may decide that the user is sanctioned with a quarantine period during which the individual user does not have access to the DDV App. This sanction will also affect the relevant project from which the data was extracted, meaning that all access to the project will be closed for the same quarantine period that applies to the user who transfered the data.

Thus, the sanction policy does not differ from the applicable sanction rules for projects and users without joint data responsibility.

Institution-Level Sanctions Affect Both Institutions

The sanction framework for institutions likewise follows DST’s applicable sanction rules. Accordingly, both institutions must report when a breach occurs, and repeated or serious breaches may result in measures such as temporary or permanent closure.

In line with the applicable sanction framework, the sanctioning process will take into account the history of the two institutions. This means that the same offense may affect institutions differently if one institution has a long history of breaches while the other has not previously violated the rules.

Institutions must account for errors in data transfer as per normal practice and must indicate that the project is subject to joint data responsibility, so that Denmark's Data Portal transfer team can take this into account when processing any potential breaches.