Data Protection Training for Green Users - Nov 2025
Introduction
Welcome to the FinnGen Data Protection Training for Green Users. The purpose of this Training is to help you understand what qualifies as Personal Data under the General Data Protection Regulation (GDPR) and what actions to take if you find FinnGen Personal Data outside the secure research environment.
As a Green User, you will conduct your research using FinnGen Green Data - aggregated or otherwise anonymized data from which no individual can be identified. Green Data does not include any individual-level data. The Green Data areas to which you have requested access should never contain any Personal Data.
However, it is essential that all our researchers, regardless of their access level, can recognize Personal Data, and know how to respond if it appears in the wrong context. Recognizing Personal Data when you see it in the wrong place makes it easier to detect accidental data leaks early—before they cause harm.
This training will only take you few minutes to complete. Please carefully read the information provided in this document and take the quiz linked at the end. FinnGen has sensitive health and genetic information, and protecting this data is a top priority for everyone involved.
What is Personal Data?
Personal Data is any information that relates to an identified or identifiable individual. If the data can be used on its own or combined with other data to identify someone, it is considered Personal Data. Examples of Personal Data include name, address, genomic data, lab results and diagnoses connected to a study ID, imaging data and biometric data. Pseudonymized data is still considered Personal Data. Please note that also the FinnGenID’s, the study ID’s given to FinnGen participants, are considered Personal Data.
FinnGen Personal Data should never be transferred, stored, investigated or in any other way processed outside the FinnGen Sandbox (Red). Any accidental handling or placement of personal data beyond the FinnGen Sandbox (Red) constitutes a data breach. If you encounter FinnGen Personal Data in any other environment, such as Library Green, email or presentation, please report it immediately. Prompt reporting ensures that any potential data breach can be thoroughly investigated, and risks swiftly mitigated. The process is described below.
What to do if I discover FinnGen Personal Data in the wrong place?
If you suspect a data breach, take immediate action by filling the online reporting form:
Online reporting form https://elomake.helsinki.fi/lomakkeet/103627/lomake.html
Or by contacting our Data Protection Officer directly:
email: [email protected]
phone: +358 50 4793618
If you have any questions or concerns about data protection, don’t hesitate to reach out to the FinnGen Data Protection Officer. You can find additional information and a link to the Data Breach Reporting form in the FinnGen Handbook.
Data Protection Quiz for Green Users
Thank you for taking the time to complete this Training. You may now proceed to take the quiz using the link below.
Note: you must answer all questions correctly to pass. If you don’t pass the quiz by 30 November 2025, your access to the FinnGen Library Green will be suspended.
Last updated
Was this helpful?