Amendment permits

You can apply for amendments to valid data permits by submitting an amendment application.

Before applying for a amendment permit, please read the Permits page.

A data permit amendment application is sent to Findata whenever data are combined from data controllers covered by the Act on secondary use of health and social data, or if the controller has transferred its power to grant permits to Findata. An amendment permit may be granted when the data sources and the group of research subjects remain unchanged.

Amendment applications and their attachments are confidential. When necessary, we will forward critical data as well as the applicant’s name and contact details to the controller.

The decisions and permits granted by an authority are primarily public. On our website, we will publish the following information on projects that have received favourable data permit amendment decisions:

• date of decision
• permit validity period
• permit holder (organisation)
• project name (if known)
• issuer of the original permits
• amendment type

This public data can be shared from the website also to other communication channels.

See the page Issued permits.

A data permit amendment application can be used to:

• Extend the period of validity
• Change the data processors
• Add data (such as variables)
• Extend the period from which data is extracted
• Change the controller of data disclosed with a data permit
• Change the data processing environment
• Expand the processing of data outside the EU/EEA as opposed to the granted permit
• Combining data that some other authority has issued a permit for with the data covered in Findata’s permit

It is not possible to apply for an amendment in all situations. You should apply for a new data permit if:

• the data sources (registers) or the group of subjects change
• the number of monitoring years is increased for a data permit issued by a party other than Findata

Processing environment for the data

As a rule, the data will always be disclosed to Findata’s secure operating environment Kapseli. However, the Secondary Use Act makes it possible to disclose information to other secure operating environments, if necessary.

Amendment permits are subject to the same environment requirements as new data permits. Exceptions to this are the following changes, which do not require compliance with the environment requirements:

• Changing the data processors
• Changing the controller of data disclosed with a data permit
• Combining data that some other authority has issued a permit for with data covered in Findata’s permit

Read more on the page: Regulation on secure operating environments

Submit an application in our e-service (asiointi.findata.fi) using either Suomi.fi e-Identification or Haka login. For more information on logging in, visit the Login page.

Please use the same identification method each time you log in to view your submitted applications and decisions.

Amendment permit applications can be submitted in Finnish, Swedish or English

1 Public information about the project

• Project name
  • The name of the project granted an amendment permit will be published on Findata’s website. Ensure the project name does not include confidential information.
• A brief description of the project
  • Provide a concise description of the study or project and the intended use of the requested data. This description, once the data permit is granted, will be posted on Findata’s website. Avoid including confidential details in this description.

2 Details of the applicant

• The applicant is the person or organization named in the application to whom the data permit will be issued.
• Enter the applicant’s business ID. If the applicant is an individual, enter 123 in the field. For organizations located in an EU/EEA country other than Finland, provide the name of the official register where the organization is registered.
• Specify which organization or individual is the data controller.
  • The amendment permit can be applied for by the data controller or by another entity on behalf of the data controller.
  • In the case of a joint controllership, select ‘A third party’ and enter all controllers in the additional information field.

3 Details of the contact person

• The contact person is the individual responsible for answering enquiries concerning the application. Their contact details may be shared with the data controller if additional information is needed during processing.
• Describe the contact person’s relationship with the applicant, such as employment or a public service appointment.

4 Invoicing details

• E-invoicing is the primary method of invoicing.
• If the invoiced party is different from the applicant, clarify this in the ‘Additional Information’ section.
• Invoicing details for Finnish payers:
  • Use the business ID to form the VAT number. Add the country code “FI” to the beginning and remove any hyphen (e.g., business ID “1234567-8” becomes VAT number “FI12345678”).
  • Check verkkolaskuosoite.fi for e-invoice addresses.
• Invoicing details for foreign payers:
  • Foreign payers should have a Peppol address for e-invoicing. For more information, visit peppol.org.
  • If the payer doesn’t have a Peppol-address, the invoice is sent by mail.

5 The permit or permits to which you apply for an amendment

• Fill information about data permits that you want amended. Amendment of a data permit is only possible for valid permits.
• Do not fill information about data permits that are not subject to this application. If you are applying for an addition of data other than that referred to in the Secondary Use Act, list the permits considering this data in the section 7.
• Indicate the issuers of the original data permits. You can indicate several permit issuers.

6 Purpose of data use

• Note that when applying for a change to a data permit, the purpose of use must be the same as in the original permit.

Click to see more information about different use purposes:

7 Applied data permit amendment(s)

• State which amendment or amendments you are applying for to the valid data permit(s).
• If necessary, indicate the current processing environment of the data. The analysis of the data is only permitted in audited processing environments that meet the requirements of the Secondary Use Act and the Findata’s regulation.
  • If you only want to transfer your research data to Kapseli, order Kapseli from Findata’s e-service.
  • If your data is transferred to Statistics Finland’s Fiona user environment because the data is combined with data provided by Statistics Finland as a statistical authority, select “Addition of data other than referred by the Secondary Use Act” as the applied data permit amendment. In this case, you do not need to apply for a change “Changing the operating environment of the data to an environment other than Kapseli”.
  • If you are applying to transfer your data to Statistics Finland’s Fiona operating environment for other reason and your data is not combined with data provided by Statistics Finland as a statistical authority, select “Changing the operating environment of the data to an environment other than Kapseli”.

8 Additional information and attachments

• In this section, you can specify previous sections of the application, for example with regard to invoicing.
• If you have spoken about your application with a Findata employee in advance, give the person’s name.
• Please do not attach data to this application

9 Confirmation of information

• Confirm the information provided on the application form.
• A fee will be charged for the permit decision in accordance with the fee decree in force at the time.
• Before we make a decision on the application, you as the applicant must agree to a maximum cost estimate for the costs of extracting and pre-processing the data if a change to the extraction or processing environment is requested.

We will charge a decision fee for amendment permits according to the attached pricelist. In addition to the decision fee, we will, where necessary, charge an hourly fee for data processing carried out at Findata.

You’ll find more information about costs on our Pricing page.

Amendment permits pricing

Price category	Criteria	Price
Minor amendment or change	The application seeks one or more of the following amendments or changes : – extending the validity of the permit – changing the persons authorised to process the data – changing the controller of data disclosed with a data permit – changing the secure processing environment from Findata’s Kapseli environment to another service provider’s environment.	€300.00
Other amendment or change	The application seeks one or more of the following amendments or changes : – extending the period from which data is extracted, provided that the persons to be examined and the data to be extracted remain the same – expanding the processing of data outside the EU/EEA as opposed to the granted permit – adding variables to the data collection after the extraction has already taken place – combining data that some other authority has issued a permit for with the data covered in Findata’s permit	€600.00

Findata’s hourly based fees

Price category	Criteria	Price
Data processing	Hourly fee for data combining, pre-processing, pseudonymisation and anonymisation. Minimum one hour.	€147.00/hour
Data transferring	The price is based on the number of zip folders to be transferred: Base fee: 2 hours × €147 = €294 Additional fee: 0.5 hours (€73.50) per zip folder Example: If there are three zip folders to be transferred, the total cost is: €294 + (3 × €73.50) = €514.50 Each zip folder can be a maximum of 4 GB in size. If the total data to be transferred exceeds 40 GB, we kindly ask that you contact us in advance at data@findata.fi so we can arrange the best approach for transferring your data.	€73.50 per zip folder

Ensure the correct address for the application