Novo Nordisk Foundation – Policy on data ethics
The Novo Nordisk Foundation complies with both Danish and EU law on data and privacy protection. In addition, Novo Nordisk Foundation recognizes that the fast pace of technological development, along with evolving risks and benefits from large scale data use, require thoughtful and responsible decisionmaking where existing laws and regulations do not necessarily provide clear ethical guidance. To cope with these challenges the Foundation has developed a policy on data ethics is based on 6 principles for how to handle data in an ethical way. The rules describe how the Novo Nordisk Foundation’s use and process both personal data and non-identifiable (e.g., anonymized, aggregated, non-personal) data as well as data and information that applicants for grants submit when applying for a grant using the Foundation’s application system. The policy complements the rules and principles for handling of personal and other data that appears in the data agreement all employees sign in connection with the employment. The overall responsibility for the policy on data ethics and the principles for responsible handling of data is anchored with the Foundation’s executive management in the COO position, which is continuously involved, informed, and have oversight of evaluating the policy and principles. Novo Nordisk Foundation will periodically review and revise the principles to reflect evolving technologies, the regulatory landscape, stakeholder expectations, and understanding of the risks and benefits to individuals and society of data use.
The six principles of the Novo Nordisk Foundation’s policy on data ethics and responsible handling of personal data.
- Respect for the privacy of grant recipients, applicants and employees is a fundamental value for NNF.
- NNF perceives data ethics considerations as more far-reaching than just compliance and compliance with the law.
- NNF prioritises openness and transparency in the ongoing challenges that handling both personal data and non-identifiable data entails. The aim is that companies, organisations, and authorities can learn from each other’s experiences.
- NNF minimises access to personally data to employees with a need to access such. And all NNF employees who access personal data, proprietary knowledge, trade secrets etc., have signed a declaration of confidentiality and the confidentiality clause is part of their employment contract.
- NNF only discloses the applicants’ data to authorities if there is an obligation to do so according legislation and a court or authority decision.
- Machine learning, artificial intelligence, analyses, impact measurements and the use of algorithms must be used to help and position NNF’s grant applicants or grant recipients better, and to promote openness and transparency about NNF’s activities and social impact.
Use of computer programs, artificial intelligence and algorithms
The Foundation uses computer programs, artificial intelligence and algorithms in analysis and evaluations aimed solely at supporting the Foundation’s work to become a better partner for our grant recipients and applicants and to be transparent about the Foundation’s societal impact and the effects of the
- Artificial intelligence and similar technologies are widely used by consumers, businesses and authorities. The Novo Nordisk Foundation uses these technologies to improve the foundation’s own decision-making processes, to make evaluations of applications and outputs of grants, and to analyze the societal effects of the foundation’s activities.
- The Novo Nordisk Foundation will use new technologies, databases and research methods to help grant recipients and applicants for the foundation’s grants better, by reduced processing time, tailor-made solutions for applicants and committee members. For committee members when evaluating applications and results of grants and for applicants by help to grant applications. Grant recipients and applicants must always be assured that actual decisions made under the auspices of the Novo Nordisk Foundation (for example, rejection or awarding of a grant) are always carried out by members of the Board of Directors or its delegated persons.
- At any time, the Danish authorities will be able to access and check applied algorithms upon request to verify that these are not programmed to deliver discriminatory or “biased” results.