Information security policies and terms
Legislation, policies, and terms related to information security and applied to students and employees of the university and operations at the university are compiled on this page.
Finnish legislation defines general preconditions for the production, administration, and users of IT services and the rights and obligations of both groups. The key laws related to the use of information technology and IT services are:
- Criminal Code (19.12.1889/39)
The Criminal Code acts as a basis for other legislation by describing the criminal offences and their punishments; chapter 38 describes crimes related to information and communication.
- Personal Data Act (22.4.1999/523)
The Personal Data Act covers gathering, processing, and storing of personal data. Due to the nature of its operations, the university has to process a great deal of personal data, which is why the Personal Data Act is used as a guideline in several operations. The obligations of the Personal Data Act are the reason why user accounts cannot be granted and forgotten passwords cannot be changed without confirming the ID of the account holder.
- Information Society Code (917/2014)
The objective of the Act is to foster the supply and use of electronic communications services and to ensure that everyone across Finland has access to communications networks and services at reasonable conditions.
- Act on the Protection of Privacy in Working Life (13.8.2004/759)
Act on the Protection of Privacy in Working Life covers the privacy of individuals in relation to their employer. The issues covered by the act also apply to students in some degree due to their close connection to the university.
Information security policy
Legislation defines the general acceptable norms and obligations on which the information and information technology-related policies of the University of Helsinki are based.
- University of Helsinki information security policy
The information security policy acts as a framework for the information security operations of the university, defining its objectives, obligations and methods of implementation.
- Privacy protection at the University of Helsinki
In issues related to privacy protection, the privacy protection group of the University of Helsinki acts as the highest organ, promoting and coordinating the management of privacy protection issues in university operations.
Information security rules and regulations