Kanta has improved patient data protection
The national Kanta services are a key basis for smooth and safe sharing of patient data throughout the healthcare supply chain. The Kanta services have considerably increased transparency in the processing of data. Previously, it was not easy for patients to access information that has been recorded on them in the healthcare services. Now this data can be checked in My Kanta Pages. The service also makes it possible to see when and which healthcare unit has processed the information.
The Kanta services are being built in phases. Data security and protection is a cornerstone of the development work to ensure that personal data is kept secure in the Kanta services.
All data shared between healthcare services, pharmacies, the Patient Data Repository and the Prescription Centre is encrypted between identified parties. Professionals log in to the information systems with a professional card, i.e. using strong electronic identification. The use of information in the Kanta services requires a patient care relationship or other relevant context, which is verified technically in the patient data system.
My Kanta Pages show the healthcare units that have processed your data
The log records in My Kanta Pages show which healthcare units have shared your patient or prescription data or which pharmacy has received your prescription data from the Kanta services. The use log of data located in the patient data system is not saved or shown in My Kanta Pages, only in the healthcare units.
Misuse of data means the processing of data without a legitimate reason. Data can only be used in a client or care situation, for example, during a doctor’s appointment or at the pharmacy when collecting prescriptions, or on the basis of another legal reason.
Unauthorised viewing of data is extremely rare. The activities of healthcare professionals are governed by strong ethical standards, which all members of the medical profession commit to already during their studies.
If you suspect that your data has been misused, this is how you can find out how your data has been processed in the healthcare services or pharmacy:
Kela can, at your request, submit information about who has processed and viewed your prescription data in the Prescription Centre. The request is made in writing. To request this information, there is a log data request form that is available at pharmacies, Kela offices and healthcare units.
If on the basis of the log data you suspect that your data has been misused, please contact the person responsible for data security in the healthcare unit or pharmacy where the data has been processed.
In My Kanta Pages, you can monitor which healthcare units have received your medical data. If necessary, you can request a report of the use of your data and the log data of persons who have viewed and processed your data in the healthcare unit that has processed your data. Kela is not allowed to give the log data on medical care to the patient, but by law it is the task of the healthcare services.
The use of patient data taking place in the patient data system of the healthcare services is not available in My Kanta Pages. This data is available on request from the healthcare unit in question.
The safety of professionals must also be taken into account
The names of persons who have processed the data are not accessible in My Kanta Pages due to the privacy protection of healthcare professionals. In addition, the rights and protection of professionals must always be taken into account when sharing log data. Log data is not shared, for example, if the sharing of data may jeopardise the safety of the professional in question.
Data security must be examined from the viewpoint of both the patient and the medical professionals. This subject is determined in the Personal Data Act, the Prescription Act and the Client Data Act.