Regulations

On this page, you can find all the information about the regulations issued by Findata under the Act on the Secondary Use of Health and Social Data. The regulations themselves and their contents can also be found under Data, Permits and Kapseli®.

Regulation on secure operating environments

Regulation by the Finnish Social and Health Data Permit Authority Findata: Requirements for other service providers’ secure operating environments (PDF file 67 kB)
- Annex 1: Requirements for a Secure Operating Environment (PDF file 235 kB). Issued 19 January 2022, effective date 19 January 2022
- See also: Accredited data security assessment bodies (kyberturvallisuuskeskus.fi)

This provision replaces the previous regulation issued on 5 October 2020 (THL/2492/4.00.00/2020). The updated regulation contains a copy of the criteria for issuing the certificate as well as more detailed descriptions of the requirements.

In this context, only the necessary changes have been made in order to minimise the inconvenience to the preparation and ongoing audits.

The National Supervisory Authority for Welfare and Health (Valvira) maintains Toini, a public register of the complaint operating environments of which it has been notified. Read more on the Valvira website: Register of Secondary Use Operating Environments (valvira.fi). You can also find information on registering and registration fees on the website.

Regulation on data descriptions

Regulation of the Health and Social Data Permit Authority: Data contents, concepts and data structures for data descriptions (PDF file 390 kB, in Finnish)
- Issued on 1 February 2021, entered into force on 1 February 2021
- See also: Decree of the Ministry of Social Affairs and Health on the obligation of the controller and the data permit authority to prepare a data description (finlex.fi, in Finnish)

Regulation on data permit applications and data utilisation plans

Regulation on data content and data structures of data permit applications and data utilisation plans (PDF file, 443 kB)
- See the draft regulation that has been circulated for comment (lausuntopalvelu.fi, in Finnish)
- You can view the statements made on the draft regulation from the Lausuntopalvelu.fi online service 8.12.2021–24.1.2022 (opens in a new window, in Finnish).