A survey by social and health sector regulators of the Helsinki branch of private psychotherapy firm Vastaamo which was the target of a serious hack earlier this autumn showed no shortcomings, according to the authority.
The firm was the target of a large-scale data breach that affected an estimated 40,000 patients. Some of the victims were blackmailed by the hacker, who threatened to release the sensitive information online. More than 25,000 criminal reports have since been filed by individuals over the matter.
The audit, carried out by the National Supervisory Authority for Welfare and Health (Valvira), focused on the security of patient data and monitored the firm's patient computer security system.
Valvira said the inspection of the company's Helsinki branch did not reveal any deficiencies which would require restricting the data system's use. It added that there was no need for immediate intervention in the company's services.
The regulator explained that the audit also examined the security remedies which the company put in place following the hack. The agency said the inspection helped to identify the root causes of the breach and oversaw the measures taken to protect the security of patient data.
Valvira said it plans to continue monitoring the company's data security measures, but noted that it could not comment further about the monitoring process as it was still ongoing.
The audit was done in cooperation with the National Cyber Security Centre at Traficom, the Finnish Transport and Communications Agency.