You may be trying to access this site from a secured browser on the server. Please enable scripts and reload this page.
Home
Internal
Global
Contatto
it
Rödl & Partner ha prestato la propria consulenza per il perfezionamento dell'acquisizione del Gruppo italiano FGV da parte di Hettich |
In tutto il mondo
It looks like your browser does not have JavaScript enabled. Please turn on JavaScript and try again.
✕
Mondiale
Algeria
Angola
Arabia Saudita
Argentina
Australia
Austria
Azerbaigian
Bahrain
Belgio
Bielorussia
Bosnia ed Erzegovina
Botswana
Brasile
Bulgaria
Cambogia
Canada
Cile
Cina
Cipro
Colombia
Corea del Sud
Costa Rica
Croazia
Danimarca
Ecuador
Egitto
Emirati Arabi Uniti
Estonia
Etiopia
Finlandia
Flippine
Francia
Georgia
Germania
Ghana
Giappone
Grecia
Hong Kong
India
Indonesia
Irlanda
Italia
Kazakistan
Kenya
Kuwait
Lettonia
Libia
Liechtenstein
Lituania
Lussemburgo
Macedonia del Nord
Malesia
Marocco
Mauritius
Messico
Moldavia
Mongolia
Mozambico
Myanmar
Namibia
Nigeria
Norvegia
Nuova Zelanda
Oman
Paesi Bassi
Pakistan
Perù
Polonia
Portogallo
Qatar
Regno Unito
Repubblica Ceca
Romania
Serbia
Singapore
Slovacchia
Slovenia
Spagna
Sudafrica
Svezia
Svizzera
Taiwan
Tanzania
Thailandia
Tunisia
Turchia
Ucraina
Uganda
Ungheria
Uruguay
USA
Uzbekistan
Vietnam
Zambia
I nostri uffici Rödl & Partner
German Professional Services Alliance -
GPSA
�������������������������������������������������������������
(I colori appaiono al passaggio del mouse)
Utilizziamo cookie tecnici per personalizzare il sito web e offrire all’utente un servizio di maggior valore. Chiudendo il banner e continuando con la navigazione verranno installati nel Suo dispositivo i cookie tecnici necessari ai fini della navigazione nel Sito. L’installazione dei cookie tecnici non richiede alcun consenso da parte Sua. Ulteriori informazioni sono contenute nella nostra
Cookie Policy
.
Approfondimenti
Servizi
Whistleblowing
Data Protection
Servizi legali
Servizi fiscali
Servizi multipractice
Industry
Revisione contabile
Formazione
Professionisti
Media
Rödl E-Book
RÖDL REPLAY - I NOSTRI WEBINAR
Newsletter
Legal Newsletter
Tax Newsletter
Data Protection Bites
Comunicati stampa
Comunicati operazioni
Rödl E-Book
Rödl & Partner sulla stampa online
Eventi
Su di noi
Currently selected
E-Book INTERNATIONAL VAT GUIDELINES
Uno studio internazionale
Uno studio internazionale
Le nostre sedi
Impegno sociale
Whistleblowing
Codice Etico
Modello 231
Sostenibilità
Carriera
Media
Pubblicazioni
Newsletter
Data Protection Bites
Data Protection Bites 4/2020
Data Protection in Finland during Covid-19
Recent
Italian (Italy)
Currently selected
Consulenza legale, Consulenza fiscale, Audit, Servizi in outsourcing
Approfondimenti
Carriera
Cookie Policy
Cookie Policy
Eventi
Home
Informativa Privacy
Media
Privacy Policy
Professionisti
Servizi
Uno studio internazionale
BPO - Business Process Outsourcing
no-it-version-available
Profile
Error 404!
Error 401!
Data Protection in Finland during Covid-19
Page Content
P
ublished
on 14 May 2020
| Reading time approx. 3 minutes
Here are some news in a nutshell about Data Protecion in Finland during Covid-19.
Processing of health data and geolocation »
Data protection obligations »
Pan-European COVID-19 mobile application approach »
Teleworking »
Websites protection »
Country specifics »
Processing of health data and geolocation
Authorities in relation to citizens
The European Data Protection Board has 04/2020 provided guidelines concerning the use of location data and contact tracing tool in connection with the COVID-19 pandemic. The guidelines provide the principles that must be taken into account when using location data for preventing the virus. The Board emphasizes that the use of contact tracing applications should be voluntary and the main purpose should be keeping distance rather than find out the location.
The Board underlines that one should not have to choose between an efficient response to the current crisis and the protection of our fundamental rights: we can achieve both, and moreover data protection principles can play a very important role in the fight against the virus.
Employer
It is generally permitted to process personal data for the purpose of treating and preventing serious infectious diseases. The employer can collect data concerning the employees’ state of health from the employees. The collection of such data from other sources requires the employee´s written consent. The employee´s health data may only be processed by people whose job description includes processing. They are also subject to a confidentiality obligation. If an employee is diagnosed with COVID-19, the employer may not make it public but only inform other employees in general terms and instruct them to work from home.
According to the Finnish Act on the Protection of Privacy in Working Life, examinations and tests concerning the employees state of health shall be performed and taken by health care professionals.
Clients and visitors
The main principle is that like in the rules concerning the employees, examinations and tests concerning the clients and visitors shall be performed and taken by health care professionals. Consent must be obtained.
Data protection obligations
It is important to recognise whether data can be processed by virtue of the GDPR or whether processing will require separate legislation or agreements in addition to GDPR.
For example, in the following cases processing is not possible by virtue of the GDPR alone:
Processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis. Such prosessing requires that the data is only processed by a health professional or person subject to a statutory obligation of secrecy.
Processing is necessary for reasons of public interest in the area of public health.
Any exceptions due to the emergency situation, to the obligation comply with GDPR and local laws? Or do all countries need to comply as always:
No exceptions to the obligation to comply with the GDPR exist in Finland. Data protection legislation must be complied with in the same manner as prior to the COVID-19 crisis.
Pan-European COVID-19 mobile application approach
Anonymised data on citizens’ movements is already available to the government. The government uses this data to support its decision making. The data is obtained by processing communication transmission data which cannot be linked to any one individual. The Chancellor of Justice has concluded that fully anonymised location data does not infringe data protection legislation or any one person’s rights.
Any mobile application, however, must be based on consent as it would require the processing of sensitive data. An application must abide by basic rights, such as the right to privacy and the freedom of movement. The data security of any pan-European mobile application would be paramount to ensure no data is leaked. In addition, the data must not be used for any other purpose than to contain the COVID-19 crisis. This is not only to ensure data is processed in accordance with the GDPR but additionally to ensure user confidence in the application.
Teleworking: country specific guides to regulate teleworking
The government has not set any general teleworking guidelines. Each company sets their own guidelines. In general Finland was very progressive with regards to teleworking prior to the COVID-19 crisis. Teleworking had been increasing year by year. Data security and data protection are as important when working from home as working from the office. The employee must ensure that no data, personal or otherwise, is leaked to third parties. In this respect data must not be made available to family members, for example, by leaving papers and notes on tables or not logging out of company computers when not sitting by them.
Any guidelines set by companies must be abided by. The employee is responsible for securing any data whilst working out of the office.
Websites protection: attention to those companies who have seen the urgent need to launch into e-commerce
Any company wishing to enter into e-commerce must abide by data protection. In general, where products are shipped directly to consumers, companies shall process personal data (names, addresses, credit card and other payment details).
Country specifics
The Finnish Act on the Protection of Privacy in Working Life govern employee and employer relations with respect to data protection including the collection of health-related data.
CONTACT
Pekka Pulli
+358 050 3369343
Invia richiesta
RÖDL & PARTNER FINLAND
Discover more about our offices in Finland.
Read more »
DATA PROTECTION BITES
Our newsletter aims at collecting updates, news and insights on data protection matters worldwide,
with a special focus on the GDPR.
Read all releases »
Turn on more accessible mode
Turn off more accessible mode
Skip Ribbon Commands
Skip to main content
Turn off Animations
Turn on Animations
Deutschland
Weltweit
Search
Menu
