Denial of consent to sharing patient data

Denial of consent to sharing patient data

With the denial of consent to sharing patient data, you can determine which of your patient data must not be shared with other healthcare service providers. Data that is subject to denials of consent is shown only to the healthcare service provider that has recorded it.

You can specify the denial of consent for

  • an individual service event  a public healthcare service provider
  • a public service provider’s patient registers
    • public healthcare service
    • occupational healthcare

Please note that a service event may consist, for example, of several appointments, procedures and contacts related to the same matter. Therefore, a denial of consent to data sharing with respect to a service event applies to all current and future entries related to the service event in question. 

Your data for which you have set up a denial of consent to data sharing must not be shared with other service providers. The denials of consent also apply to sharing from the shared register of a hospital district.

It is not possible to set denials of consent to data sharing within a service provider’s patient register

Your data can always be utilised during care situations by the service provider who originally recorded it, for example,

  • in different outpatient clinics of the same hospital, which are using the same patient register
  • in different health centres of the same town, which are using the same patient register.

If the care you receive is implemented as a purchased service, the care provider will also have the right to obtain the patient data that is necessary for your care. This sharing cannot be denied.

Denials of consent in the healthcare service

In private healthcare services, denials of consent can be set only in terms of individual service events. Therefore, you cannot limit the sharing of data with denials if consent that concern only certain service providers or registers.

There may be several different service providers within a private healthcare organisation. Each service provider enters the medical records of their patients in their own patient register.

If you have set a denial of consent to data sharing for a service event of a private healthcare organisation, its data cannot be shared from the Patient Data Repository outside this private organisation. Moreover, the data cannot be shared via Kanta within this organisation between patient registers, either.

Further information about internal sharing within a private healthcare service’s own patient data systems is available from the service provider in question. 

Where can I set the denial of consent?

You can set the denial of consent

  • in My Kanta Pages
  • when visiting the healthcare service, where you can also request a printed summary of your denials of consent to data sharing.

You can see your currently valid denials of consent to data sharing in My Kanta Pages.  If you have set denials of consent when visiting the healthcare service, the denials can be viewed in My Kanta Pages after they have been entered in Kanta by the healthcare service.

You can withdraw your denials at any time. 

Denials of consent in emergency situations

You can specify separately whether your data that is subject to denial of consent can be shared in a potential emergency situation. If you have not separately granted this exception, the denials will prevent the sharing of your data also in emergencies.

Last updated 18.11.2021