Advice on how to stay safe when using the services on helsenorge.no
Be careful with links you receive from others
Never click on any links to helsenorge.no that you receive in an e-mail or SMS. Always type “helsenorge.no” directly into the URL bar of your browser. You can also create a shortcut to “helsenorge.no” and use that.
Always check that you are using “ID-porten” at DIFI when you log on to helsenorge.no.
Read more about logging in to helsenorge.no.
Be careful when using computers or mobile devices that are not your own. Do not use public computers or internet cafe devices to access your personal health information.
Protect yourself with passwords
Make sure your information is password protected. If you store personal health data from Helsenorge on your device (such as medical records from the Patient records service (“Pasientjournal”), you must make sure that this information is password protected. The simplest way is to enable secure login with a password or passcode on the device where the information is stored, whether it is your computer, tablet or phone.
Log out when you're done
Always log out of helsenorge.no when you are done. When you log out, no one can access or trace your information. In this way, you can prevent unauthorised persons from exploiting your personal data. If you do not log out, but simply close your browser, it may take some time for the cookies in your browser to be deleted. This can potentially allow others who use the device after you to access your information.
You can also ensure that the cookies are deleted when the browser is closed by changing the settings in your browser. We recommend that you check from time to time that these settings have not been changed.
Stay safe online
- Turn on automatic updates of your operating system, browsers and other software. Check that the updates are completed, especially if your computer has been turned off for a long period of time.
- Install security software that protects you against malicious software (viruses, trojans) and includes a firewall to keep threats out. Check that your security software is up to date and that you have a valid licence.
- Set the browser to display a warning before anything is downloaded to the computer. Free software and file sharing services are often infected with viruses or other malicious software. Be wary of downloading anything from sources you are not familiar with.
- Choose passwords that are difficult to guess and keep them secret. It is recommended to use a passphrase or sentence that you know you will remember.
- Never provide your PIN codes, one-time codes or passwords to anyone requesting this information by e-mail, phone or otherwise. Helsenorge will never request this information from you.
- Do not send sensitive data by e-mail, such as social security numbers, PIN codes, access codes, passwords, bank and credit card numbers or personal health information.
- Avoid submitting personal data over unencrypted internet connections. You can tell a connection is encrypted by the fact that the URL begins with “https://”. If it only says “http://”, the connection is unencrypted, and you should ideally not submit any personal data.Keep in mnd that “https://” only indicates that the connection is encrypted, but does not otherwise guarantee that the URL is safe or correct. Check that you are on the right website and not just one that looks or feels similar.
Fraud attempts by SMS or e-mail
Avoid scams – log in
Helsenorge will never ask you for your credit card details, security codes or account numbers via SMS or email.
Signs that your computer may be infected by malware
- New icons or a new toolbar.
You find visual elements or other items you have not added to the computer yourself. - Pop-up ads.
Ads that pop up even when you are not connected to the internet. - Files that are being deleted automatically.
Disappearing files that are not temporary system files. - Your start page has changed.
When you open your browser, you see a different start page from the one you have set. - Unfamiliar bookmarks.
Bookmarks you do not recognise suddenly appear in your bookmarks list. - You security software is being blocked or has been disabled.
You are unable to install, run, update or maintain your security software. - You are unable to uninstall a program.
Malicious software will often prevent you from uninstalling the program in question. - You see different websites from those that you requested.
Even if you enter the address directly into the URL bar, you get redirected to other websites. - Your firewall asks you to allow unfamiliar traffic.
Some malicious software will try to bring in more malicious software, even with more damaging code, by asking you to allow access. - Your computer sends out e-mails on its own.
Computers can be hijacked and made to send out thousands of spam e-mails to contacts and other recipients. - Posting on Facebook without your permission.
Facebook viruses can send messages and submit posts from your account without your knowledge or permission. - Your contacts receive messages from you that you haven’t sent.
Some malicious software can copy your contact list and message your contacts without your knowledge.
What counts as personal data?
Personal data is information that can be linked to you as an individual, such as your name, address, telephone number, car registration number, fingerprint, photos and ID number.
Information about your behavioral patterns also constitutes personal data – for example your shopping habits, what you watch on TV and the things you search for online.
Sensitive personal data is any information regarding e.g. your political opinions, ethnic background, religion or philosophical beliefs, trade union membership or data concerning your sex life or criminal convictions. Your health status and medical history are also considered sensitive personal data.
Electronic ID
An electronic ID is used to confirm that you are who you say you are, and is required in order for you to access public (i.e. state and municipal) services online. There are several different electronic IDs with different levels of security:
BankID
BankID provides the highest level of security for accessing public services (level 4). Read more about BankID
If you want to block your BankID, please contact your bank.
Buypass
Buypass provides the highest level of security for accessing public services (level 4). Read more about Buypass ID
You can block your Buypass ID at buypass.no.
Commfides
Commfides provides the highest level of security for accessing public services (level 4). Read more about Commfides
You can block your Commfides e-ID by contacting Commfides support on (+47) 21 55 62 80, by sending an e-mail to sperring@commfides.com, or completing the online form at commfides.com. Commfides will then contact to you to verify your request for blocking. You can also block your Commfides ID by visiting Commfides' office at Lysaker in Oslo.
MinID is not an option for accessing services at Helsenorge
MinID provides a medium level of security for accessing public services (level 3). Read more about MinID.
MinID cannot be used to log on to helsenorge.no as its security level is not high enough. Norwegian authorities have determined that the highest level of security (level 4) is required to access services that deal with personal health information.