EPN

DATA3790 Privacy and identity technology project Course description

Course name in Norwegian
Personvern- og identitetsteknologiprosjekt
Study programme
Bachelorstudium i ingeniørfag - data / Bachelorstudium i informasjonsteknologi / Bachelorstudium i anvendt datateknologi
Weight
10.0 ECTS
Year of study
2020/2021
Schedule
Course history

Introduction

The student will carry out a project in the field of data protection and identity technology, preferably in collaboration with a relevant IT company, individually or in a group of up to five students. The aim is to provide the students with an introduction to data protection and identity technology, while they solve a commercial problem in the form of an extensive project assignment with a work load equivalent to 10 hours a week over a 12-week period. If the project is carried out during the summer, the work must correspond to four days a week over a six-week period.

The increasing use of digital media and internet to solve more and more of our tasks in both our private life and our work life (banking, shopping, health, education, exams, employment, news, tourism etc.), increases the chance of a data breach or misuse of personal information. In order to prevent this and ensure that trust in digital solutions is maintained, we need good data protection. By good data protection we mean that personal data must be treated carefully and used in such a way that it benefits users, customers and employees.

The aim of the new legislation GDPR (General Data Protection Regulation) is to focus on these issues and demand that all businesses that process personal data have a good data protection system in place, which among other things means that the registered person’s rights are maintained in a secure and reassuring way. These rights are about the right to access, deletion, portability, correction of wrong data and limits to processing. To comply with the strict demands for good personal data protection, it is necessary to have good technical support. This could be technology that supports the identification of persons, process automation, fraud prevention, handling the rights and consent of the data subjects, administration and quality assurance of data processor agreements, internal control support etc.

In addition to the projects on offer, students can find their own projects within a relevant company, public organization or nonprofit. In this case, it is the student's responsibility to find a supervisor for the project within the external organization. All student-initiated projects must be approved by a supervisor at OsloMet before the start of the project. 

Completion of the course requires a placement in the relevant health care environment corresponding to two days a week over a 12-week period.If the project is carried out during the summer, the work must correspond to four days a week over a six-week period.

The elective course will only run if a sufficient number of students a registered.

Required preliminary courses

No requirements over and above the admission requirements.

Learning outcomes

After completing the course, the student is expected to have achieved the following learning outcomes defined in terms of knowledge, skills and competence:

Knowledge

The student:

  • has a fundamental understanding of what lies in personal data protection, and what good personal data protection is
  • has knowledge of how personal data and identity management are connected
  • has a fundamental understanding of how technology supports good personal data protection and secure identity (Personal data technology and identity technology)
  • is aware of ethical as well as legal aspects of personal data, including the GDPR
  • is aware of how personal data protection technology is used/can be used in business and industry, and in public administration

 

Skills

The student is capable of:

  • implementing simple application of identity technology. For instance: how to use two-factor authentication, biometrics etc.
  • using data protection and identity technology in areas of application such as handling consent, connecting several sources together to ascertain the correct identity etc.

 

General competence

The student is capable of:

  • applying his/her knowledge of data protection and identity technology to solve problems relevant for business and industry/society

Teaching and learning methods

Supervision sessions with an internal and/or external supervisor.

The students are given access to relevant online resources, and receive supervision from an internal and/or external supervisor. The students will work individually or in groups of up to five students to complete a project in the field of personal data and identity technology in cooperation with relevant external parties such as businesses or public organisations. The course can be carried out individually by agreement with the course coordinator.

The course starts with a compulsory introductory session.

The projects are chosen/assigned at the start of the semester.

Course requirements

The following coursework is compulsory and must be approved before the student can take the exam:

  • The course starts with a compulsory Orientation Meeting.
  • A project outline that describes how the group will organise their work on the project.
  • A standard learning agreement must be entered into between the project provider/supervisor and the student(s), and this must be approved by the internal supervisor before the project can begin.
  • Three minutes of meetings from the supervision meetings held during the project period.

The deadline for submitting the project outline and the minutes of the meetings will be presented in the teaching plan, which is made available at the beginning of the semester.

Assessment

A portfolio exam consisting of:

1. A written project report, individual or in groups (max 5 students), 3000 words +/-10 %

2. An oral presentation, individual or in groups (max 5 students), 10 minutes + 5 minutes Q&A

The exam result cannot be appealed.

The portfolio is assessed as a whole and given a single grade, but both the project report and the oral presentation must be passed in order for the portfolio to receive a grade E or higher. 

For group projects, all members of the group receive the same grade. Under exceptional circumstances, individual grades can be assigned at the discretion of the project supervisor(s) and Head of Studies. 

The exam result can be appealed.

Permitted exam materials and equipment

All aids are permitted, as long as the rules for source referencing are complied with.

Grading scale

Grade scale A-F. 

Examiners

Two internal examiners. External examiners are used regularly.