The application to join the client test service includes technical information, on the basis of which the joining organisations are given the necessary rights and access to the retrieved environment: either the client test environment or the production image environment. The application to join the client test service also includes information about contact persons. Every service has its own application.
Pre-defined criteria; after meeting these criteria, the joint testing phase or the entire joint testing can be approved.
If necessary, information system suppliers are also requested to supply an architecture description at the logical level together with the registration form for joint testing. The purpose of the architecture description is to clarify the entity to be tested.
The Archivist’s Interface is an online user interface, providing a view to the controller's data in the Patient Data Repository and the client data archive for social welfare services. As a rule, archivists have a right to process the data in the registers of their own organisation. The Archivist’s Interface is available in the client test service, and logging in requires a test healthcare professional card.
Auditing of information security
Systems joining the Kanta Services and the Kanta transmission services must pass the audit of the information security inspection body as part of the certification. It is not possible to carry out the information security audit before joint testing. A general recommendation is that the auditing of information security can be started at the earliest when the system has progressed to the cross-testing phase. As a result of an accepted audit of information security, a system or transmission service will receive a conformity certificate by virtue of the Client Data Act, which is mandatory for systems joining the Kanta Services. The information system supplier is responsible for making sure that the auditing of information security is carried out.
The information system supplier must prove conformity of an information system pertaining to class A
- by providing an account of the fact that the system meets all requirements concerning functionality
- with accepted joint testing, and
- with a conformity certificate issued by an information security inspection body.
Class A system
The information systems in the social welfare and healthcare services are divided into class A and B according to their purpose of use and functionalities. Class A includes information systems that are intended to be linked to the Kanta Services either directly or via a technical transmission service. Class A information systems must be certified, i.e. carry out and successfully pass joint testing and perform auditing of information security.
Class B system
An information system that has not been designed to join the Kanta Services directly or via a technical transmission service is a class B system. The conformity of an information system pertaining to class B must be proven with a written account provided by the manufacturer with regard to whether the system meets the key requirements when appropriately installed, maintained and used according to its purpose of use. The Finnish Institute for Health and Welfare can provide more detailed regulations on the determination of information system classes.
Client Data Act
The Client Data Act (9.2.2007/159) includes provisions on the processing of client data in social welfare and healthcare services. It also includes a section, e.g. on joint testing organised by the Social Insurance Institution of Finland (Section 19 e) (finlex.fi, in Finnish only).
A social welfare or healthcare organisation or pharmacy that takes part in joint testing as a client tester for an information system supplier.
Client test environment
The client test environment (CT environment) is the principal environment for joint testing. Joining the client test environment means technical joining from the joining party's own test environment. The client test environment includes the next development version from the production environment. Information system suppliers and client organisations that have joined the client test environment of the Kanta Services have an opportunity to test the functionalities of their information systems in the client test environment.
Client test service
A package that includes the validation service, joint testing coordinated by the Kanta Services and support during independent testing by the client. Also includes two test environments: the client test environment and the production image environment. When the client joins the client test service, they will be given access to the test environment and provided with test IDs for use in the environment.
The Kanta code set service of the client test service (client test and production image environments) has copies, for example, of the social welfare and healthcare organisation register. All address links in the client test service are added to the list of addresses of the test environment, which is part of the Kanta code set service. The addresses of the client test service and the related openings are updated manually as and when necessary.
The information security inspection body draws up a conformity certificate for the system after it has passed joint testing and the information security auditing. The conformity certificate is required for joining an information system to Kanta. The certificate is valid until the end of the deadline specified on it, a maximum of 5 years.
It is requested to provide details of the contact persons of the joining organisation on the joining application for the client test service. These contact persons are verified in the opening meeting for joint testing. The “technical contact person” is included on the Kanta Services distribution list for providing information about, e.g. the updates of test environments and technical problems having an impact on testing. This contact person is responsible for the practical issues of testing. The “administrative contact person” manages the joint testing of the organisation and is included on the Kanta Services distribution list for communicating about general issues related to the client test service and joint testing. This contact person is responsible for the testing at the administrative level. The “contact person of joint testing” takes part in practical joint testing and is included in the distribution list for communicating about matters related to joint testing. One person may hold several of these roles, and one role may have several persons. Depending on the message contents, the Kanta Services will send the message using one or several of the above-mentioned distribution lists.
The core system (main system) is an information system for healthcare services, in which the patient management and patient record sections have been closely implemented or integrated. From the viewpoint of joint testing, the main system produces the data contents to be recorded in the Kanta Services.
A certified system must take part in cross-testing to verify that an uncertified system is capable of carrying out joint testing. This obligation has been recorded in the Client Data Act.
A joint testing phase where the testing environment of two or several information systems is tested to ensure that the messages produced by the information systems can be technically interpreted with the same contents in all information systems taking part in the testing.
EU’s General Data Protection Regulation, which must be complied with in joint testing. The organisation carrying out the testing must take GDPR into account, e.g. in its own test material.
The Kanta Service entity uses HL7 interface definitions. They guarantee the compatibility of messages and documents produced by the systems joining the services.
The information system supplier / client organisation carries out independent testing in the Kanta client test service without coordination by the Kanta Services.
Information security inspection body
The information security inspection bodies are approved by Traficom. A list of approved inspection bodies is available here (kyberturvallisuuskeskus.fi, in Finnish only). The approval of the inspection bodies is based on the act on information security inspection bodies (finlex.fi, in Finnish only).
Information system joining the Kanta Services
An information system joining the Kanta Services may be a patient data system, a client data system in social welfare services, a pharmacy system, an imaging information system or a wellbeing application joining Kanta PHR.
Inspection meetings are held during joint testing in accordance with a schedule to be agreed separately. The Kanta Services convenes the inspection meetings. In the inspection meeting, the progress of testing is monitored by going through the test results and any errors detected together with the operators taking part in the testing phase. The Kanta Services shall assess the re-testing need and the success and passing of tests. Moreover, keeping to the timetable is monitored and the transition to the next testing phase is assessed in the inspection meeting.
Interoperability means the synchronisation of the information systems with other information systems with respect to their technology and data contents when the systems use the same data. In joint testing, it is verified that the information system is interoperable with the Kanta Services and the other information systems connected to it.
The Kanta Services plans the timing of the joint testing periods and the used test cases separately for each service and monitors the progress of testing. The joint testing periods are presented in the Kanta publication plan. The joint testing period may include several testing phases.
Testing of interoperability between the client test environment of the Kanta Services and one or several information system suppliers or service providers, using standardised, national test cases and reporting practices.
The client test environment and the production image environment have a My Kanta Pages test service, the contents of which complies with the versions of the Patient Data Repository and the Prescription service in the test environment. In My Kanta Pages test service, data is retrieved directly with the test patient’s personal identity code without the requirement of strong authentication. My Kanta Pages is not yet in use in the client data archive for social welfare services or in the archive of imaging data.
THL has specified the minimum requirements for information systems produced for various uses with the aid of nationwide profiles. Information system suppliers shall present to the Kanta Services on the system form which nationwide profiles and compliant functional requirements and data contents the information system will implement.
Notice of change
A notice of change must be sent to Kela and the information security inspection body when a key change having an impact on the Kanta Services is made in contents that have already undergone joint testing. The information system supplier is responsible for notifying of the change. THL has defined key changes in its instructions. Link to THL’s instructions on changes (in Finnish only).
Joint testing has three phases: testing between the information system supplier and Kela, testing between the client organisation and Kela, and cross-testing. Before the actual joint testing can start, the system supplier must report that its preliminary test cases have been approved.
Preliminary test case
Before starting the joint testing, the system supplier carries out content-specific preliminary test cases and reports their testing results to the Kanta Services on the registration form. Joint testing will not start until the Kanta Services have accepted the preliminary test cases. The preliminary test cases are found on the registration form published on the Kanta.fi website.
Production image environment
Joining the production image environment refers to technical joining from the joining organisation’s own test environment. The production image environment has the application versions corresponding to the production environment. The production image environment is a test environment meant primarily for independent testing. Client organisations must provide a reason for joining the Kanta production image environment and send a testing plan to the Kanta Services in connection with the joining application.
A plan on the publications to be included in the Kanta Services. Composed together with the Ministry of Social Affairs and Health, the Finnish Institute for Health and Welfare and Kela. The publication schedule (in Finnish only) plan sets out the phases of joint testing and when the system supplier must start the production of the functionality in question at the latest if a deadline has been specified for it.
The registration form for joint testing is service-specific. The Kanta Services establishes the system’s readiness for joint testing on the basis of preliminary test cases reported on the registration form. Information about the system to undergo joint testing is also reported on the registration form. Registration must be carried out 2 months before the start of joint testing.
A joint test may be rejected if errors in severity category 2 have been found during testing and there is not enough time or it is not possible to correct them within the time reserved for testing.
Re-tests form testing rounds. A testing round starts when the information system supplier or its client organisation makes corrections to observations made in the inspections carried out by the Kanta Services. After the corrections, the information system supplier or client organisation will carry out a new test and the Kanta Services will verify the test results.
A separate system is an information system that forms a functional system entity with the core system. Not all necessary data in terms of the patient’s care and archiving is usually managed in a separate system, but it is a function-specific system such as, for instance, separate systems for imaging and the laboratory.
The decree of the Ministry of Social Affairs and Health on the Electronic Processing of Client Data in Social and Health Care Services entered into force on 15 October 2015, laying down, e.g. a phased timetable for recording documents in the archiving service. The Stagewise Decree of the Ministry of Social Affairs and Health 1257/2015 is available here (finlex.fi, in Finnish only).
The Kanta Services provides a statement for the system, including appendices, when the system has passed joint testing. The statement is provided for each service concerning the contents that have undergone joint testing. Every statement has a unique identification number. The Kanta Services sends the documents to the information system supplier, the authorities (Traficom, Valvira and THL) and for information within the Kanta Services. After receiving the statement, the system supplier may proceed in the certification process by delivering the statement to the information security inspection body. The statement is valid for a maximum of five years.
Information system suppliers of the social welfare and healthcare services shall enter on the system form (thl.fi, in Finnish only) the functions and data contents pertaining to the key requirements that are part of the purpose of use of the system. The system form must be delivered to Kela before the planned start of joint testing, in connection with registration. Further information about the use of the system form is provided by THL.
A test card provided by the Population Register Centre, corresponding to the healthcare professional card in the test environment. Only a test card and a test professional card may be used in the client test service.
The Kanta Services can provide a reasonable amount of test material (e.g. medicine dispensations and renewal requests) for the use of the information system supplier on request. The delivery time of the test material is about two weeks.
After joint testing, in addition to the statement, Kela will also issue a test report, setting out more detailed information about the tested content/s, the objective of testing, the test phases, results and any observations and presenting the parties and timetable for joint testing.
Testing between the client organisation and Kela
A joint testing phase where the service functionalities and information contents are tested more widely in the client organisation's test environment in the same way as in production use. The purpose of testing is to verify the functioning between the information system and the Kela services when used by the client organisation.
Testing between the information system supplier and Kela
A joint testing phase for testing the functionality between the information system and the Kanta Services with the aid of various test cases. This is the most extensive and time-consuming phase in joint testing.
Observations made by the Kanta Services concerning the solutions of test cases sent by the supplier / client organisation. Testing observations are classified as follows:
- 1 - To be taken into account
- 2 - Significant
Joint testing can be accepted only after all observations have been recorded and processed, it has been verified that observations in class 2 have been corrected and it has been verified that observations in class 1 have been corrected or they have been recorded to be taken into account in further development.
Testing plan when joining the production image environment
Client organisations and pharmacies must deliver to the Kanta Services a testing plan in connection with joining and provide a reason for the need to join the production image environment. The Kanta Services will assess whether to accept the application on the basis of the testing plan. The contents of the testing plan are described in the instructions for joining the Kanta client test service.
The browser-based tool for independent testing is used for verifying the data structures of HL7 CDA R2 documents. The validation service is freely available and free of charge.
The workspace in the Partners site, which is specific to the Kanta Service and system in question and where the material used in joint testing (e.g. test IDs, instructions, test cases) is entered. The workspace is the principal communication channel during joint testing. The test cases of joint testing are stored in the workspace for joint testing also after testing is completed.