Provision of emergency services
13.2.2024
Controller
Emergency Response Centre Agency
Contact information
Emergency Response Centre Agency
Postal address: PO Box 112, FI-28131 Pori, Finland
Street address: Satakunnankatu 3–5, 28100 Pori, Finland
+358 295 480 112 (switchboard)
[email protected]
Purpose and legal basis of personal data processing
According to the Act on Emergency Response Centre Operations 692/2010), the task of the Emergency Response Centre Agency is to provide emergency response centre (ERC) services in accordance with the instructions of the competent authority and support services related to the provision of ERC services. ERC services refer to the receipt and assessment of emergency calls and notifications and the forwarding of the emergency call or assignment to the relevant authority. In addition, the Emergency Response Centre Agency is tasked with the development and maintenance of the ERC information system and the development, training and monitoring of tasks and procedures related to ERC services.
In the performance of the above tasks, the Emergency Response Centre Agency processes personal data for the purpose of carrying out its statutory duties. Personal data will only be processed to the extent necessary to carry out official duties. Personal data belonging to special categories of personal data (including health), sensitive personal data (including data related to social services) and personal identity codes are only processed if the processing is necessary for the performance of official duties. The categories of personal data processed vary depending on the nature of the emergency. Personal data collected during the processing of the emergency call will also be forwarded to the competent authorities when the Emergency Response Centre Agency forwards the assignment to the relevant authority.
The Emergency Response Centre Agency also processes personal data in connection with the processing of non-emergency notifications. The development and maintenance of an ERC information system may also require the processing of personal data when troubleshooting individual problems. Personal data may also need to be processed in the development of tasks and procedures related to ERC services. Personal data is also processed for control purposes, such as quality control and legality control. Personal data processed for training purposes is pseudonymised, which means that it cannot be linked to any individual natural person.
Content of the data file
The personal data and other necessary information collected during the processing of the emergency call is stored in the ERC information system. In addition, all emergency call are recorded. The personal data stored in the system depends on the nature of the emergency and the information available.
General information stored in the system includes the name, phone number, address and location of the person reporting the emergency and the name of the person in need of aid, if known to the reporter. In addition, in assignments related to first aid, it is necessary to also process and store information related to the health of the person in need of aid.
The minimum amount of personal data required to carry out the assignment is stored for each assignment. For more information on categories of personal data processed, please see Section 17 of the Act on Emergency Response Centre Operations.
Regular sources of data
The categories of data listed in the section ‘Data content of the file’ of this privacy statement are received from the person reporting the emergency and from rescue services carrying out the assignment.
Notwithstanding confidentiality provisions and in order to perform the duties described in the Act on Emergency Response Centre Operations, the Emergency Response Centre Agency and its personnel have the right to receive necessary data free of charge to secure initial procedures or occupational safety or to support the authority or unit in question, as agreed with the appropriate controller. For this purpose, the Emergency Response Centre Agency and its personnel have the right to receive data from the authorities' systems in accordance with Section 19 of the Act on Emergency Response Centre Operations.
Erasure of personal data
The Emergency Response Centre Agency will begin the process to erase personal data after 4.5 years from the date of receipt of the emergency call or notification. The maximum retention period permitted by law is five years.
Transfer and recipients of personal data
Personal data is transferred from the ERC system to the operational systems of the police, emergency services, social and health services and the Border Guard for the purpose of carrying out emergency services. The necessary data is transferred to the relevant authority in connection with the alarm message via different systems.
The amount of personal data that is transferred is the minimum needed for the emergency assignment in question. In addition, emergency call data is processed in the voice groups of the public authority network between the ERC and the authority carrying out the assignment.
Disclosure of personal data
Data in the ERC system may be disclosed without prejudice to confidentiality provisions as follows:
- To the Ministry of the Interior and the Ministry of Social Affairs and Health, in the extent necessary for directing, steering and supervising the respective field of operations and for planning and development tasks
- To Regional State Administrative Agencies, in the extent necessary for duties related to the supervision of rescue services and health and social services
- To the Emergency Response Centre Agency, emergency call records, data about the assignment related to the call and other necessary data for the purpose of internal legality control and the enforcement of the employer’s right to direct and supervise work
- To the police, rescue services, health and social services, the Border Guard or other entity alerted by the Emergency Response Centre Agency or for which the data has been obtained upon request, data related to the assignment or measures necessary for the performance of duties, data necessary for protecting the safety of the person involved and occupational safety, and necessary data about the units involved in the performance of the assignment
- To Finnish Customs, in the extent necessary to protect the safety of the person involved and the occupational safety of customs officials in the course of performing statutory duties
- Without prejudice to non-disclosure obligations, data that is necessary to protect life or health or to avoid significant environmental or property damage may be disclosed in individual cases.
- To other data controllers, in the extent necessary for the implementation of legality control, planning and development activities. The controllers of the ERC system are wellbeing services counties, the City of Helsinki, HUS Group, the National Police Board of Finland, the Finnish Border Guard and the Emergency Response Centre Agency.
Technical and organisational safeguards
The ERC information system operates in the TUVE network. Uses receive predefined and personal access rights based on the scope of their duties. As the authority responsible for the system, the Emergency Response Centre Agency determines the access rights to the ERC information system. Access rights are primarily managed centrally. Login to the system is done using an access card.
Unauthorised access to the system is prevented with technical encryption solutions. The data content is protected by technical safeguards and security measures, including risk management, continuity management and incident management. Manual data is stored in locked premises protected with access control. Data in the system can only be processed by individuals whose duties require processing.
The Emergency Response Centre Agency monitors compliance with the regulations on the processing of personal data and trains personnel on personal data processing and data protection. The Emergency Response Centre Agency is responsible for safeguarding data stored in the ERC information system.
The controllers are responsible for the accuracy of data they store in the system and for the lawfulness of processing in the performance of their duties.
Withdrawal of consent
When providing ERC services, the processing of personal data is based on the statutory duty of the Emergency Response Centre Agency. The necessary personal data is stored in the ERC information system for the purpose of carrying out emergency response centre operations. The processing of personal data is not based on consent.
Privacy Statements
Information of webbsite - Cookies
Request for information
Change the language of the form from the flag in the upper right corner.
Request information relating to a specific emergency call
Request to inspect personal data
Contact
E-mail:
[email protected]
Address:
Hätäkeskuslaitos
PL 112
28130 Pori
Switchboard:
0295 480 112