Privacy Policy for the Kanta Personal Health Record

This is a valid Privacy Policy for the User Data Register of the Kanta Personal Health Record. The policy was updated on 1 November 2021.

Controller

The Social Insurance Institution of Finland

Nordenskiöldinkatu 12, 00250 Helsinki
Postal address PO Box 450
Postal code 00056
Phone number 020 634 11

Person responsible for register-related issues or contact person

Data Protection Officer for Kanta Services
kanta@kanta.fi

Name of register

Kanta Personal Health Record (Kanta PHR)

Purpose of processing of personal data / purpose of use of the register

According to section 4 of the Act on the Electronic Processing of Client Data in Healthcare and Social Welfare (784/2021) (hereinafter the Client Data Act), Kela is the controller of data related to the use of wellbeing data entered in the Kanta PHR service pertaining to the national information system services (Kanta Services) and data related to the use of the service.

The purpose of Kanta PHR is to enable the storage of citizens’ (users) wellbeing data in a national centralised service in accordance with the Client Data Act. In accordance with the Client Data Act, the user can enter and process their wellbeing data in Kanta PHR with wellbeing applications or via My Kanta Pages and utilise them for the promotion of their wellbeing.

In accordance with the Client Data Act, Kela is responsible for the availability and integrity, constancy, protection and retention of data in Kanta PHR, as well as for destroying the data when the person has not destroyed the data before the end of the retention period. Kela is responsible for the technical operation of the service so that the wellbeing data cannot be processed or shared against the law.

The wellbeing data entered in Kanta PHR is data produced by the person themselves concerning their health and wellbeing. The person may record their data in Kanta PHR with wellbeing applications. The person shall always have the right to decide on the use, amendment and deletion of their own data. Therefore, the user of Kanta PHR is personally responsible for recording their own wellbeing data and for ensuring for their own part that the data they have entered is correct.

Data in Kanta PHR is retained until the user has deleted it themselves or, when the person has not deleted it themselves, for a maximum of 5 years from the person’s death.

Kela does not have the right to process data entered in Kanta PHR more extensively than the tasks related to the maintenance of Kanta PHR require. Kela contributes to the processing of personal data in accordance with the EU’s General Data Protection Regulation and other legislation regulating the processing of personal data.

The manufacturers of applications and devices connected to Kanta PHR are responsible for the correct functioning of the applications. The manufacturer of the wellbeing application is responsible for its own part for acting in accordance with the Client Data Act, for the certification of its wellbeing applications in accordance with sections 6 and 7 of the Act and for meeting the certification requirements.

Kanta Personal Health Record (Kanta PHR) and cookies

The user signs in to Kanta Personal Health Record (Kanta PHR) via the Suomi.fi service when they take the service into use and when granting user rights to Kanta PHR for apps they want to use with the service. In this connection, cookies are used in Kanta PHR, the use of which is necessary in order to provide the service. The user’s consent is not requested for using these cookies. Kela does not utilise this data in any other way. Cookies are destroyed automatically when the browser is closed.

Data content of the register

Wellbeing data entered with the user’s own wellbeing application is recorded in Kanta PHR. The wellbeing data to be entered varies by application. A list of wellbeing data that the user can enter in Kanta PHR with each application that has joined Kanta PHR is available from the list of applications for Kanta Personal Health Record.

In addition, the following data on the users of Kanta PHR is entered in Kanta PHR:

  • user’s personal identity code
  • information about the access rights granted by the user to the applications (e.g., the right to read and enter measurement data)
  • information that the user has accepted the terms of use of Kanta PHR and the time of acceptance.

The above information on the users of Kanta PHR is recorded when the user deploys the service and whenever the user grants access rights to the application or accepts amended terms of use of Kanta PHR. In the deployment stage, the user identifies themselves in the service with Suomi.fi identification. The user of the service selects the method of identification/certification service provider and agrees to forward the personal identity code to the controller in the identification service.

Regular information sources

The data recorded in the service is obtained from the users themselves when they use the wellbeing app or My Kanta Pages for entering or processing their data.

Regular disclosure of data and transfer of data outside the EU or the European Economic Area

Kela does not share the data in the register with outsiders. Kela does not have the right to share data entered in Kanta PHR for any other reason than what is prescribed in section 13, subsection 2 of the Client Data Act.

Kela does not transfer the data outside the EU or the European Economic Area.

Principles of protection of the register

The data saved in Kanta PHR shall be kept confidential.

Organisational protection principles

Kela for its own part monitors and supervises the legality of data processing. Kela has an appointed Data Protection Officer.

Kela provides written instructions on the processing of data in the register and takes care of sufficient expertise and competence of its staff. Kela has an information security plan related to information security, data protection and the use of the information systems.

Kela takes the necessary measures of its own accord if the data entered in the register has been processed illegally.

Technical protection

The processing of data in Kanta PHR requires strong identification that identifies the administrator and citizen user, as well as the management of access rights related to the system. Citizen users must provide strong identification with the Suomi.fi identification before they can grant access rights to Kanta PHR for the wellbeing application they are using. The Digital and Population Data Services Agency is responsible for the identification and certification services in the Kanta Services.

Information about all actions of data processing by the user and in relation to Kela’s maintenance measures is saved in a log.

Physical protection of the environments and equipment

The data recorded in the register is technically protected to prevent editing and deleting.

Kela’s IT areas and the physical location of data are in Finland. Members of Kela’s technical maintenance staff have limited access to the IT areas when the management of their duties requires such access.

Access to the data

The user can view the wellbeing data they have saved in Kanta PHR and the data related to the use of Kanta PHR via My Kanta Pages, from where the data can be printed out, if necessary. The user can also view wellbeing data saved in Kanta PHR with wellbeing applications for which the user has granted access rights to retrieve data from Kanta PHR.

As a rule, Kela does not have the right to process data saved in Kanta PHR. Kela has the right to process wellbeing data entered in Kanta PHR only when the tasks related to the maintenance of Kanta PHR so require.

Right to rectification

Data saved in Kanta PHR is data produced by the person themselves, which they are free to view, edit or delete.

In order to implement the right to rectification, Kela as the controller cannot process data saved in Kanta PHR due to the limitation in section 4 of the Client Data Act, and Kela advises citizens to edit or delete the data they have saved themselves.

Right to lodge a complaint to the regulatory authority

If the user of the service deems that the processing of their personal data breaches the applicable data protection regulations (Articles 12–22 of the EU’s General Data Protection Regulation), the user of the service is entitled to lodge a complaint to the competent regulatory authority. In Finland, the regulatory authority is the Data Protection Ombudsman.

Last updated 01.11.2021