An amendment application allows the applicant to apply for changes to previous, currently valid permits. Please note that for the amendment permit we need all previous permits for which an amendment or change is applied for or on which the previous permits are based.
Please read the Permits web page before applying for a data amendment permit. The page includes useful information to take into consideration before applying, while applying and after applying.
What to remember before sending an application
Select the correct application type
There are different types of applications for different information needs
- Data permit application, when you need data on individuals
- Data request, when you need statistical data
- Amendment application, when you are applying for an amendment to a valid data permit
Describe and limit data
Define the data to be applied for at the variable level and remember the principle of minimisation for other information. Utilise the Data Catalogue (https://aineistokatalogi.fi/) and controller’s advisory services
- Where from and how do I extract the target group? Is the definition specific enough?
- Are control subjects/relatives extracted? How will they be defined?
- From which registers will the data be extracted?
- What variables will be included in the extraction?
Other data to be combined
- Have you made sure that the other data is described on the application?
- Are the permits for other data valid or is the permit process pending?
Determine the competent authority
Findata is responsible for the application and the permit decision whenever data are combined from data controllers covered by the Act on secondary use of health and social data. The assessment of the competent authority must therefore consider all the data related to the application.
Check from the application assistant which authority the application should be sent to: Application assistant
General information on amendment applications
A data permit amendment application is sent to Findata whenever data are combined from data controllers covered by the Act on secondary use of health and social data, or if the controller has transferred its power to grant permits to Findata. A data amendment permit may be granted when the data sources and the group of research subjects remain unchanged.
Amendment applications and their attachments are confidential. When necessary, we will forward critical data as well as the applicant’s name and contact details to the controller.
The decisions and permits granted by an authority are primarily public. On our website, we will publish the following information on projects that have received favourable data permit amendment decisions:
- date of decision
- permit validity period
- permit holder (organisation)
- project name (if known)
- issuer of the original permits
- amendment type
This public data can be shared from the website also to other communication channels.
What can you apply for with an amendment application?
A data permit amendment application can be used to:
- to extend the period of validity
- change the data processors
- extend the monitoring years on a permit granted by Findata (the target group, possible controls and relatives, and the data to be extracted remain the same)
- change the controller of data disclosed with a data permit
- change the permit holder
- change the data processing environment from Findata’s remote access environment to another audited access environment
- expand the processing of data outside the EU/EEA as opposed to the granted permit
- add variables to the extraction of material when data extraction has already been completed (the target group, possible controls and relatives, and the registers from which the extractions are carried out remain the same)
- add data other than that referred to in the Act on the Secondary Use of Health and Social Data, as opposed to the permit granted by Findata
As a rule, the data will always be disclosed to Findata’s secure operating environment Kapseli. However, the Act on the Openness of Government Activities makes it possible to disclose information to other operating environments, if necessary. Read more below in the section: Findata’s regulation sets information security requirements for environments.
The following changes do not require the security requirements for operating environment
- Changing the data processors
- Changing the controller of data disclosed with a data permit
- Changing the permit holder
- Add data other than that referred to in the Act on the Secondary Use of Health and Social Data, as opposed to the permit granted by Findata
In other respects, amendment permits are subject to the same security requirements as new data permits. Read more on the page: Regulation on secure operating environments
In the following instance, an amendment permit will not be granted
You must apply for a new data permit if:
- the information sources for the data and the group studied change
- the number of monitoring years is increased for a data permit issued by a party other than Findata
Logging into e-services
To submit an amendement permit application, log into our e-service at: asiointi.findata.fi using either Suomi.fi e-Identification or Haka login. For more information on logging in see the Logging into services page.
Please always log in using the same identification methods, so that you can see the applications you have sent and the decisions that have been given.
Amendment permit applications can be submitted in Finnish, Swedish or English
After logging in
- Go to the Data Catalogue tab
- Go to “Apply for new access rights” and select “Data permit amendment application” by clicking on “Add to basket” on the right and continue by clicking on “Apply”
- Complete the application form utilising the instructions given below and send it to us. Unfortunately, after an application has been sent, it can no longer be edited. If you want to supplement an application that has already been sent, send us an email to info@findata.fi and tell us your application’s ID (e.g. 2022/53). We will return the application so you can supplement it.
See also
Dates of monthly maintenance outages in 2023
- 19.1.2023
- 23.2.2023
- 23.3.2023
- 20.4.2023
- 25.5.2023
- 22.6.2023
- 20.7.2023
- 17.8.2023
- 21.9.2023
- 19.10.2023
- 23.11.2023
- 21.12.2023
Instructions for completing an amendment application
We will update more detailed instructions to this section in the near future.
The following information will be requested in the amendment application
- Applicant’s details
- Billing details
- Purpose of data use
- Additional information depending on your need for an amendment permit, i.e. information on
- an extension to the period of validity
- a change to the data processors
- an extension to the monitoring years on a permit granted by Findata (the persons to be researched and the data to be extracted remain the same)
- a change of data controller for the disclosed with a data permit
- a change of permit recipient
- a change to the processing environment from Findata’s remote access environment to another audited access environment
- the expansion of the processing of data outside the EU/EEA as opposed to the granted permit
- adding variables to the extraction when the data extraction has already been carried out (the persons to be researched and the registers from which the extractions are carried out remain the same)
- adding data other than that referred to in the Act on the Secondary Use of Health and Social Data, as opposed to the permit granted by Findata
- Additional information: you can give other additional information related to the application
- Attachments:
- Data permits to which an amendment is applied for and their attachments
- Research plan, if the data is to be used for scientific research
- Completed and signed confidentiality commitment forms, if you are applying for added users
- Other possible attachments
- Additional information: you can give other additional information related to the application
- Attachments:
- Data permits to which an amendment is being sought with the application
- Confidentiality commitment forms completed and signed
- Possible other attachments
Download the confidentiality commitment form from the links below:
- Findata confidentiality commitment form in Finnish
(Word file, 35 kt) - Findata confidentiality commitment form in English
(Word file, 40 kt)
Application processing times will be affected by the content of the application, the current application processing situation and the controller’s response times.
You can expediate the processing of your application in the following ways.
- Complete the application carefully.
- Attach all the previous permit decisions to the application.
- Attach the completed and signed confidentiality agreements to the application. Every added personal data processor must have their own confidentiality commitment.
Information on costs
We will charge a decision fee for amendment permits according to the attached pricelist. In addition to the decision fee, we will, where necessary, charge an hourly fee for data processing carried out at Findata.
You’ll find more information about costs on our Pricing page.
Amendment permits pricing
Price category | Criteria | Price |
---|---|---|
Minor amendment or change | The application seeks the following amendments or changes: – extension of the permit – modification of the persons authorized to process the data – changing the data processing environment from Findata’s Kapseli remote access system to another service provider’s secure operating environment – extension of a temporary permit granted pursuant to the transitional provision (Section 60) of the Act Amending the Secondary Act (793/2021). As of May 1, 2022, data processing is only possible in audited environments. | 250,00 EUR VAT +0 % |
Other amendment or change | The application seeks one or more of the following changes or amendments: – the extension of the monitoring years to the authorization granted by Findata, provided that the persons to be examined and the data to be extracted remain the same – a change in the controller of the material released with the data – change of licensee / permit holder – extension of the processing of the data by way of derogation from an authorization granted outside the EU or EEA countries – adding variables to the data collection after the extraction has already taken place – the addition of data under other legislation in derogation from the authorization granted. | 400,00 EUR VAT +0 % |