Päivitetty 25.03.2022

About Findata

Findata is the data permit authority for the social and health care sector, and its activities are based on the Act on the Secondary Use of Health and Social Data (552/2019).

Shortcuts

Open positions

Are you interested in meaningful work for a new and continuously evolving authority? See new job vacancies here! Read more Open positions

Data protection

Read about Findata as a controller, the rights you have as a data subject and how can you use those rights. Read more Data protection

Give feedback

Influence the development of our services by telling us where we could improve our operations. Read more Give feedback

About the website

See this page for the accessibility statement and information on visitor tracking, as well as on social media buttons and RSS feeds. Read more About the website

Issued permits

See this page for information on which projects and organisations have received permission from Findata to use social and health data for secondary purposes. Read more Issued permits

Regulations

See this page for a list and brief descriptions on all the Findata-issued regulations related to the Act on the Secondary Use of Health and Social Data. Read more Regulations

Organisation

Findata will operate in conjunction with the National Institute for Health and Welfare but separately from the Institute’s other activities. Findata is under the performance guidance of the Ministry of Social Affairs and Health and it has a Ministry-appointed director for the organisation as well as a Ministry-appointed steering group.

The Findata management group is responsible for managing the operations of the data permit authority. In addition to Findata’s Director, the management group includes the Head of Data Services, the Head of ICT, Development Manager, Legal Advisor and the Head of Communications.

See the Contact us page for our personnel’s contact details.

For more information on the Act on the Secondary Use of Health and Social Data see the Ministry of Social Affairs and Health website: Secondary use of health and social data

Tasks and objectives

Our task is to provide guidance, grant permits for the secondary use of social and health data and to ensure that data subject to a permit is combined and disclosed in an secure manner.

We grant permits for the secondary use of social and health data when the application applies to

  • data maintained by numerous public social and health sector controllers
  • the register data of one or numerous private social and health service provider, or
  • data saved in the Kanta Services

We are responsible for the combining and pre-processing of data subject to a permit, such as the production of pseudonymised and anonymised, statistical data.

Our goal:

  1. Improve data security and the data protection of individuals.
  2. Speed up and streamline the utilisation of social welfare and health care data resources.
  3. Decrease the duplication of work in permit processing.
  4. Develop data descriptions for the social welfare and health care sector together with the controllers.

Legitimate purposes for the secondary use of social and health data will depend on what type of data is being used. 

Individual-level material

  • education
  • scientific research
  • statistics
  • planning and reporting duties of an authority

In addition, under the Act on the Secondary Use of Health and Social Data, controllers can use their own data for knowledge management without permission from Findata.

Statistical data

  • development and innovation operations
  • education
  • scientific research
  • knowledge management (comparative data)
  • statistics
  • planning and reporting duties of an authority
See a list of the controllers within the scope of the Act on Secondary Use of Health and Social Data
  • Data saved in Kanta services
    • Findata will process applications related to medical record data in the Kanta services from the beginning of 2021, applications related to e-prescription data can be processed already now.
  • Digital and Population Data Services Agency (The Finnish Digital Agency, individual’s basic details, family relations, place of domicile and building details)
  • Finnish Centre for Pensions (work and earnings data, benefits and the bases for them)
  • Finnish Institute for Health and Welfare (does not apply to data collected for statistical purposes)
  • Finnish Institute of Occupational Health (occupational illnesses, exposure tests and patient registers)
  • Finnish Medicines Agency Fimea
  • National Supervisory Authority for Welfare and Health Valvira
  • Public and private service providers of social welfare and health care
  • Social Insurance Institution of Finland (benefits and prescriptions)
  • Statistics Finland (to the extent that access is required to data covered by the act on the investigation of the causes of death).
  • Regional state administrative agencies (matters relating to social welfare and health care)

Guidance and supervision

The steering group for the secondary use of social and health data guides and develops Findata’s operations. The members of the steering group include representatives appointed from the Ministry of Social Affairs and Health, the Digital and Population Data Services Agency, the Finnish Centre for Pensions, the Finnish Medicines Agency Fimea, the Social Insurance Institution of Finland (Kela), the Finnish Institute for Health and Welfare, Statistics Finland, the Finnish Institute of Occupational Health, the National Supervisory Authority for Welfare and Health Valvira, and representatives of social welfare and health care service providers.

The steering group has set up the following subcommittees:

  • Secondary use of social and health data ecosystem group
  • Cooperation group for controllers and customers of secondary use of social and health data
  • Cooperation group for customers of secondary use of social and health data

For more information see the Ministry of Social Affairs and Health website.

In addition, the Ministry of Social Affairs and Health has set up a working group to draw up the principles for anonymisation, information security and data production in the use of social and health data. For more information on the data protection expert group for the secondary use of social and health data see the Ministry of Social Affairs and Health website.

Findata’s operations are supervised by the Parliamentary Ombudsman and the Data Protection Ombudsman, among others. The National Supervisory Authority for Welfare and Health Valvira monitors data secure user environments. In addition, Findata must give an annual report to the Data Protection Ombudsman regarding the processing of health and social data and the related log data.

Preliminary survey on the impacts of the Act on the Secondary Use of Health and Social Data and a proposal for measures

The steering group on the secondary use of health and social data has commissioned a preliminary survey on the impacts of the Act on the Secondary Use of Health and Social Data on the secondary use of data for research, development, innovation and teaching. The reports were commissioned by the Ministry of Social Affairs and Health.

Read the reports by following the links below:

Latest news

Researchers analyse the patient and registry data of thousands of diabetics in order to improve their quality-of-life – around a third of type 1 diabetics suffer from kidney disease

12.05.2022
The FinnDiane follow-up study, which has been ongoing for more than 20… Read more Researchers analyse the patient and registry data of thousands of diabetics in order to improve their quality-of-life – around a third of type 1 diabetics suffer from kidney disease

The web addresses for our services will change – old addresses will not work after May 2, 2022

26.04.2022
The web addresses of Findata’s e-services, Kapseli secure operating environment and Nextcloud… Read more The web addresses for our services will change – old addresses will not work after May 2, 2022

Requirements for secure operating environments will enter into force on 1 May 2022

20.04.2022
The operating environment requirements will apply in accordance with the transitional provisions… Read more Requirements for secure operating environments will enter into force on 1 May 2022