January 26, 2021

Open personal data – what is it?

All employers need information about their employees, but how do we collect and process this data responsibly? And how long are we allowed to store the data?

In the GDPR regulations, personal data is defined as «any information about an identified or identifiable natural person.» That’s pretty comprehensive. Just think about what we as employers surround ourselves with when it comes to information about our employees.

It makes sense that we are asked to control data about our employees, at least when we think about data such as salary information, personal information, social security numbers, next of kin and our employment contracts. And it also makes sense that we place restrictions on who should have access to this.

But what about less «dangerous» information like my phone number, what position I hold, what I’m good at, what I’m responsible for, or when I’m available for a meeting? By definition, this is also personal data, but do we need to restrict access to this information?

This is one of the reasons why we should consider the risk associated with data being compromised. There is quite a big difference between my phone number and my social security number being compromised. In addition, there is a quite different need in the organization to make my phone number known, rather than my social security number.

In most organizations, a prerequisite for working together effectively is that we have access to each other, that we know who is responsible for what, who is a specialist in what, etc. This is information that carries a low risk of misuse, while at the same time it is absolutely necessary to share such information for effective internal interaction.

In order for us to be able to handle this in an appropriate way, we should create a description of what we can then call open personal data; what this is and what it means that it is open. The description has several purposes. It should provide a legitimate justification for why the information must be shared internally, it should describe what information is involved and, not least, it should explain to employees that when you are employed here, you must allow such information about you to be open to other employees.

For the vast majority of people, this is not a problem; on the contrary, it is relatively obvious that this is how it must be. We just have to ensure that this also happens within the regulations by documenting it.

News from the HR competence center BUHR

Gain insight into how businesses work smarter with HR, leadership and organizational development. Here you will find customer stories, professional articles, current topics and upcoming seminars from BUHR.

Technical article,

June 23, 2026

While we wait for the Equal Pay Directive – what already applies today?

The EU's Pay Transparency Directive, or the Equal Pay Directive in Norwegian, was adopted in 2023, and the deadline for implementation in member states was June 7, 2026 at the latest. What is the status now that this deadline has passed?

Technical article,

May 13, 2026

The holiday dilemmas

Summer is approaching, and now comes the time for vacation planning – and all the small and big questions that come with it. Has everyone remembered to apply? Who gets vacation when – is the plan working? Is the new employee actually entitled to three weeks in July? And what happens if someone gets sick during the vacation?

Technical article,

April 7, 2026

The 2026 wage settlement – what is happening, and what does this mean for you and your company?

The 2026 wage settlement is a main settlement, which is the most comprehensive of the two types of wage settlements we have in Norway. This means that the parties are not only negotiating about wages, but about the entire content of the collective agreements. This means that the negotiations can also include working hours, overtime pay, welfare leaves and other terms.

Technical article,

January 26, 2026

Why performance reviews are important – and how to get real value from them?

Good leadership is often the sum of good, meaningful conversations. The prerequisite is that they are done systematically, with a clear framework and the right support.

News

November 25, 2025

BUHR named Seriegazelle

BUHR, one of Norway's most innovative providers of HR services through outsourcing, has recently been honored as Seriegaselle 2025. This prestigious award honors small and medium-sized growth companies that have achieved impressive results in the Norwegian business community, and thus highlights the country's most successful companies.

Technical article,

October 9, 2025

YWCA-YMCA: Free up time and focus on what matters, with flexible HR support

YFUK-KFUM is one of Norway's largest children's and youth organizations. With many employees and a clear value base, they needed an HR partner that delivered both expertise, capacity and cultural understanding. The solution was BUHR.

Technical article,

October 9, 2025

BUHR strengthens the team: Trine Hetland is the first person to join the new venture

BUHR is now expanding with a new HR service; personnel coordination. Trine Hetland is the first personnel coordinator, and the one who sets the direction for the new service area. She has solid experience in HR, staffing and coordination.

Technical article,

September 23, 2025

Going from learning to value creation with BUHR's graduates program

BUHR focuses specifically on recent graduates through its graduates program. The program gives participants a safe and structured start to working life, while also providing BUHR with new energy and new perspectives.

Technical article,

4. June 2025

Employee surveys in development – from measurement to opinion

Good relationships are a key factor for well-being, performance and the ability to change. Employee surveys should be seen as a starting point for dialogue.

Technical article,

March 3, 2025

Handling whistleblowing cases: A key to trust and safety in the workplace

Whistleblowing cases can be challenging for both employers and employees, and good handling is crucial to ensuring a safe workplace and fair treatment for all parties. But how do we handle these cases well?