27.2.2026
Turvaposti’s information security management system was certified on 26 February 2026 as meeting the requirements of the international ISO/IEC 27001:2022 standard. The certification audit was carried out during January–February by Into Certification Oy.
6.1.2026
Turvaposti’s service availability (uptime) was 99.99 percent in 2025. This is the highest figure in Turvaposti’s 22-year operating history and means that the total duration of maintenance and other service interruptions remained under one hour in 2025.
13.6.2025
President of the Republic Alexander Stubb has awarded the honorary title of Postmaster to Turvaposti’s founder and CEO Markku Vettenniemi for his merits in promoting secure electronic communications in Finland. Turvaposti has protected confidential communications for public administration, companies and the third sector since 2004.
8.4.2025
30.10.2024
In a decision issued on 19 September 2024, the Deputy Chancellor of Justice stated that authorities should not send or request personal identity codes via ordinary unencrypted email. According to the decision, messages containing personal identity codes must be sent using a separately secured email connection. The encrypting Turvaposti service protects the email connection and allows the message to be opened only by the intended recipient.
22.10.2024
The new Finnish Cybersecurity Act will, among other things, require company management to ensure that the organisation has reliable access control and authentication methods and, when necessary, the capability to use secure electronic communications.
The Cybersecurity Act is based on the EU NIS2 Directive, whose obligations were to be incorporated into national legislation by 18 October 2024. However, several EU Member States, including Finland, did not complete their legislation by the deadline. The Finnish legislation was expected to enter into force in December 2024.
3.7.2024
The Supreme Court ruled by a vote of 4–1 that secure email is a legally valid method of formal notification. Based on the ruling, a secure email message can replace, for example, a registered letter with proof of receipt or a notification delivered by a bailiff.
15.5.2024
Verkkouutiset: Data protection shortcomings in wellbeing services counties threaten the data of more than 600,000 people. The shortcomings were caused by the failure to reliably identify the party involved in the communication.
27.3.2024
Decision of the Office of the Data Protection Commissioner: personal identity codes should not be transmitted unnecessarily by text message, because the SMS system does not provide the capability to encrypt the message content or the message transmission data.
4.2.2024
The Turvaposti service turned 20 years old. The service now protects the confidential electronic communications of more than 1,500 Finnish organisations.
1.1.2024
On 1 January 2024, the Act on the Processing of Client Data in Social and Health Care entered into force (Section 8 excerpt): “In the processing of client data, the client, service provider, pharmacy, other parties involved in the processing of client data and their representatives, as well as information systems and national information system services, must be reliably identified.”
3.12.2023
Decision of the Office of the Data Protection Commissioner: healthcare clients must be reliably identified also when making appointments.