Support Centre

Finland: Ombudsman issues advice on security breaches

The Office of the Data Protection Ombudsman ('the Ombudsman') issued, on 17 June 2020, advice to social, healthcare, and pharmaceutical companies on having procedures in place for detecting security breaches. In particular, the Ombudsman's advice comes in response to a request for clarification sent out by the Ombudsman to 2,200 data protection officers and self-employed persons covered by obligations under the Act on Electronic Prescriptions 61/2007. In addition, the Ombudsman highlighted that social, healthcare, and pharmaceutical companies must be adequately prepared for data security breaches in the event of the same, and that policies need to be in place to identify and detect such breaches.  

Moreover, the Ombudsman noted that written instructions and training materials must be updated if they do not contain up-to-date instructions for security breaches involving personal information.   

You can read the press release, only available in Finnish, here