Instructions for researchers
Researchers using research data must make sure that the data are protected. Prior to the start of the study, the researcher’s responsibilities should be studied with due care. Read carefully the rules and guidelines of the Research Services.
What information can Statistics Finland give?
On the basis of the Statistics Act (280/2004), Statistics Finland may release or grant permission to use confidential data collected for statistical purposes from which the possibility of direct identification of a statistical unit (e.g. person, enterprise) has been removed.
By virtue of Section 19 of the Statistics Act (280/2004), data on age, gender, education, occupation and socio-economic group may also be released with identification data. Statistics Finland may release data on causes of death with identifiers based on the Act on the Openness of Government Activities (621/1999).
- Finlex: Statistics Act (280/2004) (PDF)
- Finlex: Act on the Openness of Government Activities (621/1999) (PDF)
Ensuring the data protection of research data
Both Statistics Finland and researchers are responsible for the data protection of research data files.
The processing of personal data is guided by the General Data Protection Regulation (2016679) of the European Union and the supplementary national Data Protection Act (1050/2018). In addition, the use licence granted to a research project is subject to obligation of secrecy.
- EUR-Lex: European Union’s General Data Protection Regulation (2016/679)
- Finlex: Data Protection Act (1050/2018) (PDF)
Statistics Finland is responsible for the data protection of the data files prior to their release for research use and for the data security of the remote access environment.
Researchers must ensure data protection during the research use of their data files and when publishing research outputs. When processing data files released for research use or working in a remote access environment, the researcher must ensure, in accordance with the obligation of secrecy, that the data are not revealed or released to parties that do not have a licence to use the data. According to the obligation of secrecy, the researcher must ensure that the research results do not contain unit-level data, that is, data concerning an individual person or enterprise, or the possibility of their disclosure. The researchers are responsible for the implementation of data protection in the research results they publish.
The Office of the Data Protection Ombudsman has published guidelines on the processing of personal data in scientific research: Scientific research and data protection.
Licence holder as a controller
When Statistics Finland releases data or cause of death data by virtue of Section 19 of the Statistics Act, the recipient of the data becomes a controller of personal data. Moreover, granting the applicant access to indirectly identifiable personal data actually constitutes release of personal data. The licence holder thus becomes a controller of data that is responsible for fulfilling the obligations set in the general and special legislation concerning the processing of personal data.
Rules and instructions of the Research Services (PDF)
- Login instructions for Fiona (PDF)
- Data protection and the result checking process (PDF)
- Rules of Statistics Finland's Research services (PDF)
- Using the FIONA remote access system (PDF)
- Data protection of delivered data (PDF)