NOSearch
Studies
For Students
Study at NLA
About NLA
Research and development
IT-Help

IT regulations for students

This regulation applies to all use of IT resources at NLA University College, including hardware, software, networks and access. The regulations apply to all students with access to the college's digital services.

Purpose
The purpose is to ensure responsible, secure, and lawful use of IT resources in accordance with current regulations, including the General Data Protection Regulation (GDPR), and the institution's goals for education and research.

  1. User ID, password, and access
    All users are assigned a personal user ID, which shall only be used by the individual. The user ID must be protected with a strong password and two-factor authentication where available. It is recommended to use long passwords or passphrases.
  2. Roles and responsibilities
    The user is responsible for using the college's IT resources in a secure, legal, and ethical manner, in accordance with current rules and guidelines. The IT department is responsible for technical operations, security measures, and user support. The Rector is the data controller for the college.
  3. Acceptable use
    Use must be related to academic activities and studies. Private use is permitted to a limited extent, as long as it does not hinder normal operations.
    The user must not share access information and is obliged to secure their digital devices. Attempts to gain unauthorized access to systems, services, or other people's information are prohibited.
    It is forbidden to use IT resources for:
    * Illegal activity
    * Dissemination of offensive, discriminatory, or indecent material
    * Violation of copyright or license terms
    * Commercial activity without prior approval
  4. Information security and privacy
    Good information security is important for your own and others' privacy. Information security is also important to protect research data and to prevent the college from being exposed to cyber attacks.
    Processing of personal data shall only take place in approved systems and in accordance with the college's privacy policy. The guidelines are based on the EU General Data Protection Regulation, GDPR.
    Logging and monitoring can be carried out to ensure operation and compliance with the regulations, with the basis for processing in GDPR art. 6, and in accordance with internal procedures.
    For more detailed information on how NLA University College processes personal data, what rights you have as a data subject, and contact information for the data protection officer, please refer to the college's privacy statements.
    See Privacy and Information Security - NLA for more information
  5. Network services, logging and access
    All use of the college's network must be in accordance with these regulations. Network traffic can be logged and analyzed as needed to ensure stable operation and maintain security. It is not permitted to connect equipment or services that disrupt normal network operation or circumvent security measures.
    Activity on the college's systems is also logged to ensure operation, security and compliance with the regulations. Logging takes place in accordance with GDPR art. 32 and according to internal procedures. Access to user accounts and logs can be carried out in the event of serious incidents or suspicion of abuse. This happens according to fixed procedures and with notification where possible. Confidentiality applies to everyone who gains access to such information.
  6. Use of private equipment
    Private equipment that is connected to the college's network or used in connection with studies should have an updated operating system. The college is not responsible for damage to or loss of data on private equipment. To access the college's services from abroad, eduVPN is used.
  7. Storage and user account
    Users are advised to use the college's approved cloud solutions, such as OneDrive, for storing and sharing academic content. The use of non-approved storage services is the user's own responsibility.
    Physical and digital storage media that contain personal data or sensitive information must be protected against unauthorized access.
    After graduation, access to the user account and stored data will be terminated after 30 days. Users are encouraged to back up their own data before the account is deleted.
  8. Use of Artificial Intelligence (AI)
    The use of AI tools must be in accordance with the University College's guidelines for the use of artificial intelligence. It is not permitted to process, store or share confidential or sensitive personal information using AI services. The user is responsible for assessing risk and following applicable regulations and internal guidelines when using AI.
    Exceptions apply to AI solutions developed for the university and college sector, which are designed to handle sensitive data.
  9. Handling of weaknesses and security incidents
    The user must immediately report weaknesses in IT systems, suspicious activity or other security-related incidents via the college's "Report!" portal.
  10. Access card
    The access card is personal and must be stored in a safe manner. It is not permitted to lend or hand over the card to others. All use of access cards is logged and used for security purposes.
  11. Sanctions for violations
    Violation of the regulations may result in:
    * Warning
    * Temporary or permanent closure of account and services
    * Exclusion from studies or exams
    * Police report in case of legal violations
    Decisions on sanctions are made by the Rector or the person the Rector appoints. The user has the right to express themselves and to complain, in accordance with the provisions of the Public Administration Act.
  12. IT support and contact
    The IT service at NLA University College – IThjelp@nla.no / 55 53 6999
    Privacy questions should be directed to: personvernombud@nla.no

The IT regulations have been prepared by the IT department and approved by NLA University College's CSO on 20.06.2025.

Read more about your responsibility as a student on sikresiden.no.