- Kela’s role and responsibilities
- Role and responsibilities of the information system provider
- Role and responsibilities of the client organisation
- The Digital and Population Data Services Agency
Kela’s role and responsibilities
Kela is responsible for organising the joint testing and all related practical measures. These include
- Maintenance of Kela’s test environments
- Management and distribution of test identity codes used in Kela’s test environments
- Production of test material
- Planning of joint testing
- Creation and maintenance of test cases
- Maintenance of workspaces for joint testing
- Coordination of joint testing
- Review and approval of test cases
- Preparation of the joint testing statement and report.
Kela will approve a system provider for joint testing once the supplier has
- provided Kela with all the information required for the planning and implementation of joint testing
- demonstrated that the system is ready for joint testing with the preliminary test cases together with the registration form.
To test the information system, Kela will select a cross-testing party from the certified information systems so that the non-certified system can perform joint testing. Kela will agree with the parties on the schedule for cross-testing.
Kela is bound by secrecy with regard to confidential information that it has learned from the information system during joint testing. Such information includes, for example, trade secrets, which are also subject to a prohibition of use. During joint testing, Kela processes information from information systems carefully and confidentially.
Role and responsibilities of the information system provider
The information systems joining the Kanta Services must meet the key requirements concerning interoperability, data security, data protection and functionality. The supplier is also responsible for the technical functionality of the information system, which includes:
- usability
- performance
- the ability to generate valid documents and generate CDA R2 messages to specifications
- the ability to generate FHIR messages.
Kela provides information system providers with a validation service to assist in product development, which can be used to check whether the data structures of a document have been formed correctly.
Preparing for joint testing
It is the responsibility of the system provider to familiarise themselves with the joint testing process and to take the steps required to prepare for joint testing. For example, the system provider must ensure that it
- joins the Kanta client test service
- acquires the test IDs to access the Kumppanit workspace
- obtains the certificates required for testing from the Digital and Population Data Services Agency.
When joint testing begins, the functionality development work for each joint testing procedure must be completed. So at this stage, the information system already corresponds to a production-like entity. The system entity that generates the data to be stored in the Kanta Services also needs to correspond to a status ready for production use.
The system provider must test its own implementation in a sufficiently comprehensive manner in different test environments before registering for joint testing.
Findings from a joint testing procedure
The information system provider must correct any findings made during joint testing and, if necessary, the rectified version of the system must also be updated in the test environment of the client organisation.
The test cases for joint testing are retested until no more preventive and significant errors are found. Information on the classification of test findings can be found on the Concepts and definitions page.
If an information system provider discovers an error in its system, it must immediately inform the Kanta Services and all the client organisations affected by the error, as well as provide information on the timeframe for getting the error rectified.
If significant changes are made to the information system that affect the Kanta Services, the information system provider is obliged to notify Kela of them. More detailed information on the subject is available at:
- Notification of changes - THL Regulation 4/2024, Appendix 2(opens new window)
- Notification obligation for changes
Role and responsibilities of the client organisation
The client organisation is responsible for ensuring that the information system it uses is compliant with common requirements and has passed the required joint testing.
The Digital and Population Data Services Agency
The Digital and Population Data Services Agency (DVV) provides the server certificates and system signature certificates needed to use the Kanta Services. In addition, the Digital and Population Data Services Agency is responsible for the Suomi.fi authorisations, which are used to log in, for example, to Kela's Testain service.
Learn more about certificates (dvv.fi)(opens new window)