Patient Data Repository

Patient Data Repository

The Patient Data Repository is part of the nationwide Kanta services. Patient data stored in Kanta is easily and securely accessible by a healthcare professional.

Changes to names in the Kanta Services

The names of the following Kanta Services have been changed in May 2024:

  • Patient Data Repository -> Patient Data Repository (no change in English)
  • Client Data Archive for Social Welfare Services -> Client Data Repository for Social Welfare Services
  • The Archive of Imaging Data -> Imaging Data Repository

These changes will be updated to kanta.fi in stages.

If a health care provider uses an electronic patient information system, it must be enabled in the Patient Data Repository. A professional enters the patient's information into the patient information system, from where it is then stored in Kanta.

Kanta gathers together all the information generated in the patient’s treatment in a single place, both from public and private health care. The information in Kanta is up-to-date and easily available to professionals, even if there is a change of care provider. In addition, the information is available to the patient in MyKanta, which improves the flow of information between the care provider and the patient. 

The service’s deployment process progresses in phases.

Patient Data Repository functionalities and additional services

Once enabled by the service provider, use of the service can be extended to various functionalities and additional services. This allows users to get the most out of Kanta.

Instructions and support for Patient Data Repository customers

Use of the Patient Data Repository requires a commitment to national operating models. The Kanta services provide support and guidance at different stages of the patient relationship, as well as in the event of changes and disruption. 

Social and health care professionals using the Patient Data Repository follow harmonised national operating models. This includes harmonised recording practices, principles of the use and sharing of data, and compliance with a self-monitoring plan.

Learn more about operating models using Kanta training materials

You can learn about operating models relating to the use of Kanta in online training materials in Finnish and Swedish. The online training materials for health care are:

  • Operating models for the Patient Data Repository
  • Social and health care customers under the age of 18
  • Sharing of social welfare and health care data

The data stored in the Patient Data Repository will be stored securely for a period of time required by law. The data does not need to be archived in any other systems, which makes storage more straightforward. All data transfers between health care and the Kanta services are encrypted.

Patient data should only be viewed and used by a health care professional if the data is needed to treat the patient. Health care manages who has the right to process patient data in information systems. 

Professionals using data from Kanta must identify themselves using an ID card for regulated professionals in social and health care.
Searching for information in the Patient Data Repository always leaves a traceable log. The log information shows who processed the data. This can be used to monitor the lawful use of data.

The controller of the patient data is the health care provider who produced and stored the data in the Patient Data Repository. The controller is responsible for the accuracy of the patient data it produces and for correcting incorrect data.

In an organisational change, the controller must ensure that the controller of the archived data is changed to reflect the new situation.

In some cases, both the health care provider and Kela act as the controller. The joint controller role pertains to disclosure logs generated in health care, as well as to the Information Management System and the Declaration of Intent service.

Patient data stored in the Patient Data Repository is always available to the data controller who stored the data. If patient data is retrieved from another health care controller’s register, this constitutes data sharing for which the patient’s consent is required.

Consent and denials of consent to data sharing are stored in the Declaration of Intent service, which is automatically deployed along with the Patient Data Repository.

Read more

Read more

Last updated 16.8.2024