Navigated to

Sharing data with Swedish authorities

The following is a short checklist of what to consider when collaborating with other Swedish authorities. For example, you need to consider the requirements for managing secrecy, confidentiality and personal data.


Use the brochure for research collaborations

Share the brochure Research collaboration with Umeå University with your collaboration partner so they understand the legal requirements for collaborations.

Secrecy and confidentiality can often be transferred to Swedish authorities

Public authorities are defined here as organisations covered by the Public Access to Information and Secrecy Act, such as higher education institutions, regional health authorities and municipalities.

When sharing research data with a partner at a Swedish authority, secrecy and confidentiality are often transferred to the receiving authority. Anyone employed by that authority is then subject to the same secrecy and confidentiality as employees of Umeå University. Sharing research data is rarely considered to be harmful or detrimental to the individual if the recipient is covered by statutory professional secrecy. 

Checklist for sharing research data with another Swedish public authority

Before sharing research data with Swedish authorities, you need to:

  • check to see if Umeå University is receiving the data from another Swedish authority or public organisation and determine whether the disclosing authority has transferred data secrecy to Umeå University;
  • conduct a secrecy examination; and
  • inform the recipient of any transferred secrecy as per Chapter 11, Section 3 of the Public Access to Information and Secrecy Act (2009:400).

If the research data contain personal data, you will also need: 

  • to assess which personal data are necessary to share; and
  • contact the Central Support Team for Research Data Management if the research project parties have a joint personal data responsibility that needs to be documented. 

Document the considerations made when sharing data, for example, in the research project’s data management plan.

If the information is subject to secrecy to protect the personal or financial circumstances of individuals, according to Section 7 of the Public Access to Information and Secrecy Ordinance, or Chapter 24, Section 8 of the Public Access to Information and Secrecy Act, you can use the template for simplified secrecy examination to document the sharing.

Secrecy examinations

The secrecy protection that covers the data after sharing is crucial for the secrecy examination when sharing research data classified as secret with another Swedish authority. Many authorities have secrecy provisions that they must apply to such information, known as primary secrecy.

If the recipient lacks primary secrecy for the information, Umeå University can transfer the secrecy to the recipient if the sharing is for research purposes. Transfer of secrecy is done so with support of Chapter 11, Section 3 of the Public Access to Information and Secrecy Act.

Read more about transferred secrecy on the secrecy and research data pages

If the recipient has their own primary secrecy or if Umeå University can transfer secrecy with support of Chapter 11, Section 3 of the Public Access to Information and Secrecy Act, it is considered rare that this would cause injury or harm to an individual if the information was released. 

Sharing is not possible if the recipient does not have a primary secrecy provision and it is not possible to transfer secrecy or sever the link between the data and the person or persons protected by secrecy.

Inform the recipient about transferred secrecy

If research data are shared with transferred secrecy, the recipient should be informed that secrecy has been transferred and which provision in the Public Access to Information and Secrecy Act the recipient is to apply. You can inform the recipient by submitting a copy of your secrecy examination using the simplified secrecy examination template, if applicable, or by contacting the Central Support Team for Research Data Management, which will assist you in developing information materials.

Read more about secrecy and research data

Agreements regulating sharing of research data

The Legal Affairs Office does not recommend signing agreements with other Swedish higher education institutions, other public authorities, municipalities or regional health authorities on how shared research data will be processed, as this is covered by laws regarding public access to information and archiving obligations. Biobank samples are not public documents and thus are not covered by this guide or position regarding agreements.

Read more about sharing different types of research data

Illustration, two hands writing on a keyboard and a screen showing an unlocked lock.

Sharing information classified as secret

How to share research data with information classified as secret.

Illustration, hand holding a UMU id card towards a screen

Sharing data that include personal data

How to share research data containing personal data.

Illustration, an agreement and a book

Sharing data in ethically approved research

Collaborations and sharing research data in ethically approved research.

A person's hand writing on a paper.

Research collaboration agreements

When to have an agreement, rights to research results and certificate templates.

Do you have questions about research data?

The University has a cross-functional team that supports you with research data issues in areas such as archiving, legal affairs, IT support, open data, and information security. You can contact the research data support team using the following form:

Contact the research data support team if you have questions

Latest update: 2025-05-26

Read more about research data and collaborations

Two hands typing on a keybord, the screen has an image of an open padlock.

Secrecy for research data

Research data can be classified as secret, giving you a duty of secrecy.

Illustration: hand holding an ID card in front of a screen.

Process personal data in research

When processing personal data, you need to meet the GDPR requirements.

Four bits of a circle illustrating the process of managing research data: planning, organising, making accessible and preserving.

Manage research data

Planning, organising, making accessible and preserving research data.