Wellbeing applications under the Act on the Electronic Processing of Client Data in Healthcare and Social Welfare
A wellbeing application, within the meaning of the Act on the Electronic Processing of Client Data in Healthcare and Social Welfare, is an application linked to the MyKanta database in Kanta Services, where private individuals can access their wellbeing data. With a wellbeing application, private individuals can access their client data in the Kanta Services provided by Kela: the Patient Data Repository, the Prescription Centre and the Patient Data Management Service. Valvira maintains a database of wellbeing applications that meet the essential requirements and have been registered with Valvira.
A wellbeing application must meet the essential requirements and accessibility requirements consistent with its intended use. Essential requirements comprise requirements in respect of interoperability, information security, data protection and functionality. Application developers are responsible for compliance and certification of their respective applications.
Compliance with essential requirements is verified in the certification process. Certification of a wellbeing application requires:
- a report showing that the essential requirements have been met
- accepted testing of the wellbeing application performed by Kela
- accepted evaluation of information security by an information security inspection body approved by Traficom.
The essential requirements and certification process for wellbeing applications are set forth in regulation 6/2021 of the National Institute for Health and Welfare (THL) and its appendix.
Registration of a wellbeing application
A wellbeing application that complies with the relevant requirements must be entered in the Valvira database by its developer before being put into production use. Registrations under the Act on the Secondary Use of Health and Social Data are subject to a fee under the Decree on Valvira fees.
To submit a request for registration, you will need:
- a statement on joint testing issued by Kela
- an information security evaluation certificate issued by an information security inspection body
- the form ‘Essential requirements for a wellbeing application’ as per appendix 1 to THL regulation 6/2021.