FSHS online communication guidelines
FSHS staff members must comply with the following online communication guidelines.
To be able to access the FSHS online communication services, students must first pay the FSHS healthcare fee. The autumn term starts on 1 August and the spring term on 1 January annually.
As the FSHS must ensure data protection and confidentiality, FSHS staff may only communicate online by means of a secure communication channel with sufficient encrypting and strong authentication of the parties involved. The following communication channels are secure:
Self (electronic health questionnaire, appointment booking, secure messaging, forms and questionnaires, chat and video consultation)
Suomi.fi messages (started via forms accessible via yths.fi)
Remote testing for sexually transmitted diseases via Telelab.fi
Unencrypted communication channels (e.g. e-mail) must never be used to send personal data, patient data, medical records or treatment information, irrespective of whether the student expressly consents to this or not. Information on whether or not a person is being treated at FSHS (for instance, information on appointment bookings) is also considered patient data.
A student can use unencrypted communication channels to ask for general advice, for instance on when a service is available and how to book it. When responding to such general queries, FSHS staff may use the communication channel chosen by the student (e.g. Facebook, Twitter, email). If the contact involves confidential information, the student must be advised to use the communication channels specified above in point 1.
Mobile phone SMS messages are technically more secure than unencrypted email, and the FSHS may use them to send information in the following cases:
Other automatic reminders generated by the patient data system
Customer feedback collection
Processing electronic prescription renewal requests
Other communication if the student cannot be contacted via the primary methods (phone, secure communication channels)
The only messages sent by email by the FSHS are automatic reminders generated by the patient data system that do not contain confidential information.
The use of SMS messages, email and secure communication channels in healthcare always requires the student’s consent. Consent is primarily given via the Self portal, which transmits the information to the patient data system. The contact details used by the FSHS are those provided by the students themselves.
All communication related to the treatment of an individual student must be recorded in the patient data system.
Source: Statement by the Data Protection Ombudsman, 1 July 2010, record number 1475/41/2009