Accidental access to the Contract Generator

In week 41, the Nat-Tech Studies Administration found that for a period of time, certain people have had accidental access to the Contract Generator, which is used to manage students’ courses of study. Specifically, a few former student counsellors have had access to the system after their employment had ended. 

When the error was discovered, it was fixed immediately. 

There is no evidence to suggest that information has been misused or shared, and it is the Nat-Tech Study Administration’s assessment that the error does not affect any individual student. 

However, the Nat-Tech Study Administration takes the matter seriously, as it is crucial that all students' information is treated securely and confidentially. 

Procedures must be reviewed 

The Contract Generator is used for students at Nat and Tech and contains information about study programmes, thesis contracts, titles of exam papers, as well as an optional text field where the student can provide relevant information. 

Catalina Kjær Torres, acting head of the studies administration at Nat-Tech, regrets the error and emphasizes that a review of procedures for system access has also been initiated to minimize the risk of similar errors happening in the future.   

The case has been reported to the Danish Data Protection Agency as a breach of personal data security. 

If you have any questions about the case or about the Nat-Tech Studies Administration handling of data, you are welcome to write to acting head of the studies administration, Catalina Kjær Torres, by e-mail cakj@au.dk.  

If you wish to file a complaint about Aarhus University's processing of your personal data, you can contact the Danish Data Protection Agency. Read more on https://www.datatilsynet.dk/english/file-a-complaint.