Search result

About Denmark's Data Portal

Denmark’s Data Portal is an application that provides easy, efficient and secure access to Danish data for research, analysis and management. , Danish data is of great significance to the development of Danish society. For that reason, Statistics Denmark has established a data portal, which provides researchers, analysts and Danish businesses with an enhanced view of the Danish underlying data basis while making the whole process from application to data smoother. In other words, the solution offers , one user interface, one point of access and one secure solution to meet all data requirements for statistics, research, management and analysis., In collaboration with other data owners, the data portal builds on the services that already exist in Statistics Denmark, and new functionality and services are added continuously to meet user needs., A collaborative solution, The data portal is conceived as a collaborative cross-disciplinary national solution for the benefit of research establishments, private businesses and public authorities – completely in line with the intentions behind Denmark’s national public digitisation strategy., Users get a complete view of all registers as well as support in finding the data best suited for their purpose. Moreover, the solution provides quick user access, once the requirements to data security and data confidentiality are met, and with the possibility to get advice and support in the process. Finally, case processing and approval of project applications take place as part of an automated process, thus ensuring progress for the project and transparency for the users., Data security, In Denmark’s Data Portal, the focus data security and information security is massive. Data is built in a special system, which is based on processes of high security, safe management and secure procedures.,  , Administrative procedures and guidelines, In Statistics Denmark, we comply with the non-discrimination requirements of the Danish Public Administration Act. This means that all rules and security requirements apply to all users and all collaborative partners. In other words, nobody gets easier terms or has to meet a lower level of security than others do., Statistics Denmark's procedures complies with current legislation with respect to GDPR, which is tested via external revision and the ISO 27001 standard, which is the security standard for government authorities. The security is tested annually as a result of Statistics Denmark's ISO 27001 certification., Statistics Denmark has prepared a set of guidelines for use of researcher machines, which applies for all research and analysis projects carried out within the framework of Denmark's Data Portal and Research Services. In the guidelines, you find for example the requirement that work must be carried out on pseudonymised data, and that Statistics Denmark's methods for statistical disclosure control must be applied. Other examples are the principles of data mining as well as requirements for a clearly defined emergency response and decision guidance documents in connection with the handling of data breach and security incidents. , Read more under Rules on transfer of analysis results, Secure application, In Denmark's Data Portal, a two-factor login is always used for both the application and the researcher machine, and there are requirements to the security in net traffic and requirements for secure network protocols, as per the Danish Centre for Cyber Security's requirements and recommendations., The application is thoroughly tested for external penetration - see further under `Certification and external control' below., Secure data processing and secure workflows, Agreements exist between Statistics Denmark and all research and analysis institutions in Denmark. The agreements focus on issues such as clarity of roles and responsibilities and ensuring that the employees of the research and analysis institutions handle the administration of the individual institution in the most appropriate way. This is sustained through regular contact with user committees, release of awareness campaigns and user surveys., In Denmark's Data Portal, researchers and analysts are certified in a special module focusing on compliance with the data processing and data security rules. This means that each user regularly must go through a number of questions regarding data processing and GDPR to maintain their access to Denmark's Data Portal and Research Services., The workflows for researchers as well as analysts and administrative employees in Statistics Denmark are reviewed annually by the internal supervision and assessed by IT architects, IT managers ad information security coordinators for the purpose of ensuring that there are no loopholes or overlooked ways of cheating, gaining unintentional access or abusing user roles. The detailed authorisation system in Denmark's Data Portal has been reviewed specifically for the purpose of verifying that a multi-person system has been set up for approval and update, which ensures that individual persons cannot exploit or abuse the system., We carry out systematic system control to ensure that research results for transfer do not contain personal data or individual data (microdata), and we perform randomised sampling and management-initiated samples based on risk assessments., Certification and external control, Security is continuously monitored both through Statistics Denmark's internal supervision and external inspections and audits. Statistics Denmark maintains regular contact with independent external experts who assess, test, and stress test the security of the systems, source code and workflows. The security of our pseudonymisation algorithm has been verified through an external review from the cyber security department, and an executive summary of this can be provided upon request to relevant stakeholders. Likewise, external experts have verified the so-called transfer control., External audit:, Statistics Denmark's Research Services annually obtains an external audit statement of the ISAE 3000 type, which can be provided to relevant stakeholders. The audit statement, which is accompanied by a corresponding ISAE 3000 statement for the general IT environment and IT workflows, describes a range of security-related control areas, including technical security measures, storage and processing of personal data, and more., ISO 27001 certification:, Statistics Denmark undergoes an annual process to maintain the achieved ISO certification ISO/IEC 27001:2013. The audit process is conducted by the international and independent certification company DNV-GL. The scope, i.e. the area that has been checked and ISO 27001 certified, is ¿IT and business processes in the statistics production, including data collection, in accordance with Statement of Applicability"., Penetration tests:, Statistics Denmark has a number of penetration tests carried out each year, where external experts attempt to find vulnerabilities in the technical shell security of systems and access points. This leads to continuous focus on updating to the latest versions of web-facing technologies and security in the firewall. Daily monitoring is in place for external penetration attempts, and there is ongoing surveillance of network traffic in the firewall and associated systems.

https://www.dst.dk/en/TilSalg/data-til-forskning/danmarks-datavindue/om-danmarks-datavindue

Information security and data confidentiality

Strong protection of personal data is essential for the population and the corporate sector to trust Statistics Denmark. This fundamental relationship of trust is necessary for us to collect information for the official statistics, which is indispensable in an open democratic society. , Important documents, Data Confidentiality Policy at Statistics Denmark 2024 (pdf), Statistics Denmark's Information security policy 2025 (pdf), Accordingly, Statistics Denmark has extensive procedures and systems to protect the information on Danish citizens and enterprises in our systems, and we focus on continuously ensuring maximum data security. , Our measures are aimed at two types of risks; , external, , e.g. hackers, and , internal, , i.e. from our employees and from users with special permission to use data with us. , To protect against external parties gaining access to confidential information, we do the following:, We never store confidential information outside our security zone, and we use encrypted or secure lines when we retrieve or receive information., We use state-of-the-art IT security solutions and professional advisers., We continuously update our security solutions in accordance with good practice, including ISO 2700x and requirements from the Danish Agency for Digitisation and the Danish Centre for Cyber Security., We continuously maintain the competencies of our employees regarding IT security., Independent supervisors perform tests attempting to break our security. In this way, we are able to prevent security issues and immediately bridge any security gaps., To ensure that our employees and authorised users comply with the rules, we do the following:, We make sure that our employees know our rules on data confidentiality and information security, that all employees have signed a non-disclosure agreement and that non-compliance will have serious consequences in terms of employment., On a regular basis, we check that the employee has access to nothing but information that is strictly necessary for their tasks., We register (log) which data sets each employee uses. In 2015, we have extended the logging of searches in data, as directed by the Data Protection Agency in July 2014., External users, e.g. research scientists, must be approved and only have access to information where civil registration numbers (CPR nos) etc. have been replaced with serial numbers that do not allow you to identify people., When external users use Statistics Denmark’s data, we continuously log and check if they comply with data confidentiality requirements. Non-compliance may result in exclusion from using data in Statistics Denmark.,  , ISO 27001-certification, In 2023, Statistics Denmark has completed an ISO certification process and have been re-certified in accordance with  ISO/IEC 27001:2022 by the international and independent certification body , DNV, . , The scope, i.e. the area that has been checked and ISO 27001 certified, is “IT and business processes in the statistics production, including data collection and the Danish Business Portal, in accordance with Statement of Applicability”. , With the ISO 27001 certification and the continuous audit reviews with accompanying audit reports (ISAE 3000 reports) in a number of different customer focused business areas, Statistics Denmark has external and independent documentation for a unique and systematic focus on data confidentiality and information security. , In this way, the certification and the audit reports reflect what characterises Statistics Denmark: a public organisation that lives, thinks and practises information security – every day without exception., About ISO 27001, ISO 27001 is an international management standard for information security, the purpose of which it is to e.g. set up systems for the protection of valuable information and personal data in a secure and reliable way. Among other things, ISO 27001 sets requirements to risk management, documentation of processes as well as the distribution of roles and responsibilities for information security. Furthermore, the purpose of ISO/IEC 27001 is to achieve efficient information security management as well as secure processes for continuous improvement. It means that the information security is constantly updated., Data confidentiality policy, Confidentiality in the handling of statistical products and other data materials is about protecting the statistical units against disclosure of information requiring confidentiality. This applies with respect to the surrounding world as well as Statistics Denmark’s employees., Rules to maintain data confidentiality are implemented in the data confidentiality policy with associated disclosure and statistical confidentiality guidelines as well as in the fixing of individual access rights to confidential information in Statistics Denmark., Data Confidentiality Policy at Statistics Denmark 2024 (pdf), Information security policy, Statistics Denmark's Information security policy 2025 (pdf), Privacy policy, In connection with your use of Statistics Denmark’s websites, we collect information about you. It is important to us that you feel safe using Statistics Denmark’s websites and for this purpose, we have prepared a Privacy policy., Privacy Policy, GDPR, In Statistics Denmark, we focus much attention on meeting the European General Data Protection Regulation (GDPR) and the Danish Data Protection Act, which supplements GDPR., Statistics Denmark’s compliance with GDPR (in Danish),  

https://www.dst.dk/en/OmDS/strategi-og-kvalitet/datasikkerhed-i-danmarks-statistik

Production and turnover in the service sector

An example is the tech industry, which provides services, for example in the form of IT support and cybersecurity.

https://www.dst.dk/en/Statistik/emner/erhvervsliv/serviceerhverv/serviceerhvervenes-produktion-og-omsaetning

Subject page

Digital behaviour

How many people use social media and how many shop online? Find statistics on our digital behaviour.

https://www.dst.dk/en/Statistik/emner/kultur-og-fritid/digital-adfaerd-og-kulturvaner/digital-adfaerd

Subject page