Privacy statement for private customers
This privacy statement provides information in accordance with data protection legislation regarding the processing of personal data of private customers at Terveystalo.
Updated on 3 June 2024
The previous version can be downloaded here.
Additional information: Terveystalo privacy statement for corporate customers, and Information about consent.
Terveystalo's other privacy statements can be found on the Privacy Statement selection list.
Controller
Suomen Terveystalo Oy (hereinafter referred to as “Terveystalo”)
Jaakonkatu 3A, 6th floor, 00100 HELSINKI, Finland
Suomen Terveystalo Oy shares its patient register with Terveystalo and the healthcare service providers who provide services at Terveystalo as self-employed professionals or through external companies.
Personal data is processed for the following purposes and on the following legal basis:
- The provision of healthcare services on the basis of the law
- The provision of occupational health services on the basis of the law or customer’s consent
- The assessment of a need for work ability and well-being services as well as for the purpose of targeting and providing services on the basis of an agreement between the customer and Terveystalo, the law or Terveystalo’s legitimate interest
- The supervision of healthcare professionals’ operations and the quality of their work on the basis of the law
- Marketing and/or communications on the basis of the customer’s consent, an agreement or Terveystalo’s legitimate interest
- The planning, development, management, monitoring and reporting of Terveystalo’s own operations and services as well as for quality assurance and knowledge management on the basis of the law or Terveystalo’s legitimate interest
- Research and the compiling of statistics on the basis of consent, the law, public interest or Terveystalo’s legitimate interest
- The handling of customer contacts, feedback, official clarification requests, and incidents on the basis of the law and Terveystalo’s legitimate interest
- The provision of digital services targeted at logged in customers on the basis of the law, an agreement between the customer and Terveystalo or the customer’s consent
- Invoicing, payment collection on the basis of the law or an agreement between the customer and Terveystalo
- Investigation and fixing of an error in a digital service (e.g. online service, application) on the basis of Terveystalo’s legitimate interest
- Monitoring of user’s online behaviour and use of digital services on the basis of Terveystalo’s legitimate interest or the customer’s consent
- Ensuring legal protection of Terveystalo and the customer as well as meeting statutory or other obligations based on regulations and guidelines issued by authorities, the verification of abuses and usage monitoring on the basis of law or legitimate interest
Additional information: Consents
More details on the purposes of the processing
Personal data is processed for the provision of healthcare services
- For the organization, planning, implementation and monitoring of a patient’s examinations and care
- For the management of appointments
- Invoicing for the services
- As part of the implementation of healthcare services, we analyze the health data generated in connection with a patient’s healthcare service use and implementation of care in an automated manner for healthcare purposes, such as assessing the state of health (analysis of laboratory samples and imaging recordings with medical devices) and promotion of health (profiling)
Personal data is processed for the provision of occupational healthcare services
- For the planning, implementation and monitoring of occupational healthcare patients’ examinations and care
- For the assessment of work ability
- For the implementation of an action plan
- For the management of appointments; if the occupational health service includes an appointment booking on the basis of profiling, such profiling is conducted only on the basis of the patient’s consent
- For service invoicing and statutory and/or group-level reporting to customer organizations
- As part of the implementation of occupational healthcare services, we analyze the health data generated in connection with a patient’s healthcare service use and implementation of care in an automated manner for healthcare purposes, such as assessing the state of health (analysis of laboratory samples and imaging recordings with medical devices), monitoring the treatment of long-term illnesses, assessing the need for work ability support and promotion of health (profiling)
Personal data is processed for the provision of work ability and well-being services
- For the provision of work ability coaching
- For the provision of well-being services
Personal data is processed to ensure the quality of healthcare professionals’ operations and work
- For ensuring appropriateness of the processing of patient information and other personal data
Personal data is processed for communication and marketing purposes
- For taking care of customer relationships, for example, reminding customers of appointments, referrals and renewals of prescriptions and vaccinations
- For communicating clinical studies at the patient’s consent
- For the collection, monitoring, and analyzing of information concerning customer interests and choices and wishes related to services and clinics, and developing the related customer services
- For the registration and marketing of activities and benefits pursuant to the loyalty program
- For the consideration of customer wishes and the targeting of services
- For the communication and marketing of products and services
- For the targeting of communication, marketing and services
- For the implementation of market research and surveys
- For analyzing, profiling, segmenting and drafting statistics for the aforementioned purposes
Personal data is processed for the handling of customer contacts, feedback, official clarification requests and incidents
- For the processing of customer contacts and feedback
- For the handling of notifications and complaints pursuant to the Patients Act
- For the processing of other official requests for clarification
- For the processing of incident reports
- Communication between customers and the customer service center (such as telephone conversations) are recorded to verify service events and ensure the quality of the service, for development purposes as well as to ensure the legal protection of the parties involved
Personal data is processed for the provision of digital services targeted at logged in customers (e.g. Terveystalo application, Terveystalo online services)
- For the management of the contact information and consent of a user registered for the service and for reviewing health information
- For the management of appointments
- For the use of remote services
- For communication and exchange of information between Terveystalo and the customer
- For making payments related to transactions
- For the offering and marketing of services provided by the controller or its partners
- For sending reminders and recommendations related to health in the service
- For monitoring, analyzing, and profiling information on registered users’ interests as well as their choices and wishes related to services and clinics, and for developing the related customer services
We process the following personal data:
- Basic information
- Health information
- Information related to work ability
- Information related to well-being
- Gene test data , samples and anatomical models
- Employer information
- Appointment information
- Information and recordings of customer service events
- Invoicing and payment information
- Information of the digital services for logged in customers (e.g. Terveystalo application, Terveystalo online services)
- Information of customer contacts, feedback, official clarification requests, and incidents
- Other information related to the service
- Data related to the use of identification and authentication devices and services
- Data related to the use of our website and digital services, online behavior and analytics
- Consents, refusals and declarations of will
The categories of personal data processed
Basic information
Name, personal identity code, date of birth, contact details, mother language and language of service, occupation, other identification information (e.g. copy of a passport, where necessary), next of kin or other contact person specified by the patient, guardians or other legal representatives of underaged patients with their contact details, information on the underaged children in the custody of the patient, information on caregiving, legal representative assigned to the patient with contact details
Health information
- Information required for purposes of organizing, planning, implementing and monitoring the treatment of the patient (e.g. patient records, photographs, video- and audio records, referrals, statements, certificates and forms)
- Health and self-care data provided by the patient (e.g. preliminary data concerning medical history, questionnaire responses)
- Information on laboratory tests, imaging studies, and other examinations
- Prescriptions and associated markings
- Information related to physiotherapy and occupational physiotherapy as well as information related to the employer (such as workplace visits)
Information related to work ability
- Information related to assessment of work ability
- The customer data used in the work ability coaching services
Information related to well-being
- Information related to well-being, such as replies to questionnaires, follow-up data and analyses
- Measurement data produced or submitted by the customers themselves
- Information about use of well-being services
Gene test data, samples and anatomical models
- Samples associated with genetic testing and test results
- Other samples and anatomical models
Employer information
- Information pertaining to the employer of occupational healthcare customers, such as department or unit, job title, superior-subordinate, sickness fund membership, the employer’s insurance company details
Appointment information
- Customer, date, time, place and the person for whom the appointment was made as well as the person who made the appointment and date on which it was made
- Appointment history
Information and recordings of customer service events
- Communications between Terveystalo and the customer
- Telephone number of the caller, identifier of the recipient, date and hour, and the recording of the conversation
- Chat session recordings
- Parties to the chat, date and hour, and the recording of the chat
Invoicing and payment information
- Invoicing information concerning treatment and other services
- Payer information related to the treatment or care (for example insurance company and insurance information)
- Order, payment and payer information related to the online store
Information of the digital services for logged in customers (e.g. Terveystalo-application, Terveystalo online services)
- Information on health as well as any mobility limitations, injuries, illnesses, or other health problems provided by the user
- Vaccination information
- Information on hobbies and other interests
- Information related to the use of a heart rate monitor or activity tracker
- Other information entered by the user in relation to the user’s health and fitness
- Payment related information
- Communication between Terveystalo and the customer
- Information required for arranging remote care such as voice or video or photos possibly sent by the user
- Location data of the user’s end device (where the user has consented to the use of location data) for purposes of offering appointments in clinics located close to the user
- Information related to use of identification and authentication devices and services, other identification information
- Use log and measures taken by the user in digital services
The handling of customer contacts, feedback, official clarification requests, and incidents
- Customer contact, feedback or clarification request and the replies to them
- Contact information given by the customer or the feedback provider
- Incident description and the report given to the person concerned
Other information related to the service
- Name and title of the person who made the note on the patient record as well as data and time on which it was made
- Customer data of social care provided for purposes of organization and implementation of health service
- Information on satisfaction in services and comments on the controller’s services
- Information related to wishes, choices, and services that the user would like to have
- Market research and questionnaire responses
- Contact history
- Information recorded from a third party register with the user’s express consent
- Loyal customer information
- Information on medical devices and materials to be loaned or rented to the customer
Information related to the use of digital services and website, online behavior and analytics
- Access right and login information
- IP address and information concerning the user’s network connection
- Information on the user’s end device, browser and operating system
- Session ID, timestamp and other corresponding information
- Information on the use of applications and other digital services (e.g. log data, data collected by using cookies and other corresponding monitoring technologies, web analytics)
- Website behavior during the session
Consents, refusals and declarations of will
- Consents to data sharing in Kanta-service, consents and prohibitions
- Organ donation wills, living wills and other declarations of will by the patient
- A person’s consent and refusal information related to direct marketing and the processing of personal data
Terveystalo only stores personal data that are necessary for Terveystalo’s operation and for the purposes the personal data in question are processed. Terveystalo only stores personal data if it has a legal basis for its processing. Storage period of personal data is determined on the basis of the purpose the personal data in question are processed and/or the personal data in question. Storage period is affected by legal obligations concerning storing of personal data as well as other time limits for different actions (e.g. a period of filing a suit, expiration of time limit for the right to institute criminal proceedings).
- In accordance with the Act on Processing of Client Data in Healthcare and Social Welfare, patient data, i.e. information related to a patient’s medical care must in general be stored for a period of 12 years after the patient’s death or, if there is no information about the patient’s death, for 120 years after the patient’s date of birth.
- Recordings of customer service events are in general stored for a period of six months.
Terveystalo erases personal data that are no longer necessary for the purposes they were processed even during the customer relationship. Such personal data may relate to e.g. marketing and the use of online services. Personal data are anonymised or securely destroyed when they are no longer necessary for the purposes they were processed, when they are outdated or where there is otherwise no basis for their continued processing.
The personal data to be processed is primarily collected from the customer themself, the patient’s guardian or other legal representative. Personal data is also collected from the medical staff in connection with examination and treatment as well as from medical devices and software.
Another healthcare service provider may receive patient information of other healthcare service providers as well as client data of social welfare concerning the patient via the Kanta service in accordance with the customer’s disclosure permission (consent) and refusals in order to organize and implement healthcare services. Patient information of healthcare service providers may also be received similarly via a shared information system. The disclosure permissions (consents) and refusals can be managed through Kela’s MyKanta service or through a healthcare service provider. If the patient is not capable of assessing the significance of the disclosure permission due to a memory disorder, mental health disturbance, handicap or other comparable reason and the patient does not have a legal representative, or if the disclosure permission cannot be obtained due to the patient's unconsciousness or other comparable reason, a health care service provider may receive the necessary patient information of other health care service providers in order to organize or implement the patient's essential health service without the patient's disclosure permission.
The basic information of the customer may be updated from the Digital and Population Data Services Agency’s Population Information System.
In occupational healthcare, a patient’s basic information and the workplace’s contact information as well as changes to them are received from the employer.
Personal data is also obtained from third party healthcare service providers with the patient’s consent or on the basis of the law.
In some situations, data is also received from insurance companies or pension insurance companies.
Suomen Terveystalo Oy’s patient register is shared between Terveystalo and the different service providers operating there, which operate as independent practitioners or through separate companies. A patient may give their consent to the disclosure of their patient data between healthcare service providers operating in Terveystalo and participating in the patient’s care. Additional information: Consents
The processing of personal data is outsourced to Group companies and/or external service providers who process the personal data on behalf of Terveystalo. Personal data may be transferred outside the EU or the EEA within the confines of legislation. In such cases, the transfer takes place in accordance with the European Commission’s standard contractual clauses or some other transfer mechanism permitted by data protection legislation. However, e.g. the patient information systems used by Terveystalo are located in the EU/EEA.
Personal data are also in some cases disclosed to services providers who act as independent controllers, such as payment, financing or collection service providers (e.g. Walley, MobilePay, Smartum Pay, Santander Consumer Finance, RopoCapital) as well as delivery and courier service providers.
Personal data is disclosed to the following parties on the basis of the law or customer’s consent:
Kela’s Kanta services
- Patient information are saved by law in the national information system services for healthcare and social welfare maintained by The Social Insurance Institution of Finland (Kela), such as the client data repository.
- The Information Management Service composes up-to-date patient information essential for the implementation of healthcare and produces summaries of said data for purposes of implementing the patient’s treatment. Kela and the healthcare provider act as the joint controllers of the Information Management Service. By law, Kela acts as the contact point for data subjects and is responsible for the disclosure of data saved in the Information Management Service. Additional information on the joint register of the Information Management Service: https://www.kanta.fi/en/privacy-policies.
- Information on the fact that the data subject has been informed of the Kanta services, on the data subject's disclosure permissions, consents and denials concerning the disclosure of data, as well as on declarations of will (e.g. living will and opinion on organ donation) are saved in the system for issuing declarations of intent. Kela and the healthcare service provider act as joint controllers of the system for issuing declarations of intent. By law, Kela acts as the contact point for data subjects and is responsible for the disclosure of data stored in the system for issuing declarations of intent. Additional information on the joint register of the system for issuing declarations of intent: kanta.fi/en/privacy-policies.
- Electronic prescriptions and possibly the information on medicines handed over to the patient by a healthcare service provider are saved in the Prescription Centre. The Prescription Centre is a joint register, the controllers of which are Kela, pharmacies and service providers and independent professionals who prescribe e-prescriptions. By law, Kela acts as the contact point for data subjects. Additional information on the joint register of the Prescription Center: kanta.fi/en/privacy-policies.
Another healthcare service provider
- Information required for the organization and implementation of health service may be disclosed to another healthcare service provider in accordance with a patient’s consent or a Kanta services disclosure permission or denials.
- Information required for the organization or implementation of health service can be disclosed to a healthcare service provider if the patient is not capable of assessing the significance of the the Kanta service disclosure permission due to a memory disorder, mental health disturbance, handicap or comparable reason and the patient does not have a legal representative, or in case the disclosure permission cannot be obtained due to the patient’s unconsciousness or other comparable reason.
Kela
- In case the customer requests Terveystalo to apply for Kela-reimbursement on the customer’s behalf, information on reimbursable measures taken during appointment and referrals that are necessary for purposes of payment of the healthcare service are disclosed to the Social Insurance Institute of Finland (Kela).
Insurance companies
- Data necessary in respect of statutory insurance is disclosed to insurance companies on the basis of the law, without consent.
- Data necessary in respect of voluntary insurance is disclosed on the basis of the patient’s consent.
Employers
- When the patient is an occupational healthcare patient, data can be disclosed on the basis of the patient’s separate and explicit consent, e.g. where the employer uses the electronic transmission service for A certificates to the work ability control system provided by Terveystalo.
Authorities and entities
- Data is disclosed to authorities and entities with a right to information pursuant to the law on the basis of a written and specified request and in the format and scope required by the matter, or on the basis of the customer’s consent.
Patient’s next of kin
- If an adult patient is unable to decide on their treatment due to a mental health disorder, handicap or other reason, the patient's legal representative, next of kin or other close person has the right to obtain the information on the patient's health necessary for being heard and giving consent on an important treatment decision.
- In the event that the patient is unconscious or under medical care for some equivalent reason, information can be disclosed to next of kin or to another person close to the patient, unless there is reason to believe that the patient has prohibited the disclosure of the data.
Research organizations
- Data included in patient records can be disclosed to research organizations in accordance with the law on the basis of the customer’s consent.
In the event of a patient’s death, the secrecy obligation and need for privacy protection remains in force, meaning that data cannot be disclosed without a legal basis.
Based on the Communicable Diseases Act, any information needed to detect an epidemic, identify the cause and trace-back can be submitted to the Finnish Institute for Health and Welfare and the wellbeing services county/HUS Group.
Right of access
- Data subjects have the right to know whether personal data concerning them are being processed and to access data concerning themselves.
- The data subject can access and review their information in digital services targeted at logged in customers (e.g. Terveystalo application and Terveystalo online service) and through the MyKanta service (https://www.kanta.fi/en/my-kanta-pages). In addition, the data subject can make a request for inspection of his or her personal data.
Right to rectification
- Data subjects have the right to request the rectification of erroneous or incomplete data.
Right to erasure
- Data subjects have the right to request the erasure of their personal data. Requests for erasure are implemented within the confines permitted by the law. In respect of information concerning a data subject’s health, Terveystalo has a legal obligation to store the data pursuant to the Act on Processing of Client Data in Healthcare and Social Welfare.
Right to object or restrict processing
- The data subject has, in certain situations, the right to object to the processing of their personal data on grounds related to their particular situation at any time.
- A data subject has, in certain situations, the right to request the restriction of the processing of their personal data. E.g., if the data subject contests the accuracy of their personal data, the processing of the personal data is restricted for the duration of the investigation. The controller has the right to refuse the data subject’s request if restricting the processing of personal data could cause serious danger to the health or treatment of the data subject or to the rights of the data subject or someone else.
Right to data portability
- A data subject has the right to request that their data be transmitted from one system to another if the data has been provided by the data subject themselves and if the processing of the personal data is based on consent or an agreement. The right to data portability does not apply to patient information.
Right not to be subject to an automated decision-making
- The data subject has the right not to be subject to a decision based solely on automated processing, such as profiling, which produces legal effects concerning them or similarly significantly affects them. However, there are exceptions to this prohibition.
Withdrawal of consent
- Where the processing of personal data is based on consent, the data subject can withdraw their consent at any time. The consent can be withdrawn in accordance with the instructions given in the service that is based on consent or by contacting Terveystalo’s customer service.
Right to refer the matter to a supervisory authority
- A data subject has the right to refer the matter to the supervisory authority (Data Protection Ombudsman in Finland) if the data subject is of the opinion that the processing of personal data concerning them infringes data protection legislation. More information can be found on the Data Protection Ombudsman’s website: tietosuoja.fi/en.
Requests pertaining to the rights of data subjects must primarily be made in writing at a clinic or in the digital service targeted for logged in customers (more information in Finnish). The data subject’s identity is verified in a reliable way when the request is submitted. At the Terveystalo clinics the data subject’s identity is verified from an official identification document. In the digital services identity is verified when the data subject logs in using Finnish online banking codes or a mobile certificate. These procedures ensure confidentiality and appropriate processing of personal data.
Terveystalo applies the appropriate physical, technical, and administrative protection measures to protect data from misuse. These measures include, among others, control and filtering of network traffic, use of encryption techniques and safe data centers, appropriate locking systems and access control, controlled granting of access rights and supervision of their use, giving instructions to staff participating in personal data processing and risk management related to the planning, implementation, and maintenance of our services. Terveystalo chooses its subcontractors carefully and uses agreements and other arrangements to ensure that they process data in compliance with the law and good data protection practices.
DATA PROTECTION OFFICER
email tietosuoja@terveystalo.com
Terveystalo’s Data Protection Officer
Suomen Terveystalo Oy
Jaakonkatu 3A, 6th floor, 00100 HELSINKI, FINLAND
Please note that in order to secure your privacy, ordinary, unencrypted email must not be used to send health information or other sensitive personal data (e.g. personal identity code). If necessary, you can request the encrypted email service provided by Terveystalo.