1. Denmark (incl. Greenland and the Faroe Islands)
The findings of the as-is description of the digital PoA landscape in Denmark show a general maturity in the country’s effort across legal, digital, and social parameters, presenting a great foundation to learn from. Meanwhile, the Faroe Islands have a similar PoA landscape to Denmark with a more developing level of maturity. Greenland, on the other hand, has yet to adopt digital PoAs, hence the country was excluded from the mapping exercise.
With a consolidated platform solution for public PoAs incl. health, along with two separate platforms for taxation and business matters, Denmark showcases several advantages for the domestic handling of digital PoAs. In Denmark PoAs are widely adopted in health tax and business affairs, backed by legal frameworks like the Danish Agreement Act, and integrated with the MitID system. Moreover, the country is in the planning phase of implementing key EU legislation, such as eIDAS 2.0, OOTS, while SDGR and EUDIW are in the pilot phases or partly implemented. Furthermore, the identified key parameters for demonstrating social inclusion have all been partly or fully implemented across all sectors examined.
Despite mature technical standards of the digital PoA solutions, there are still challenges in 1) assigning PoAs to legal or natural persons with no strings attached to Denmark, and 2) Danish non-residents doing tax matters.
1.1 Digital and process
This section examines the maturity of technical standards and barriers across access, authentication, verification, and integration of digital PoAs in Denmark, the Faroe Islands, and Greenland.
1.1.1 Technical Standards and ID Infrastructure: Advantages and Disadvantages
The table below summarises the maturity for technical standards and barriers regarding access, authentication, verification, and integration, alongside cross-border interoperability to highlight advantages and disadvantages in Denmark, Faroe Islands, and Greenland. In the following sections, the different technical aspects are described and assessed in a country-specific context.
Digital | Basic | Intermediate | Advanced | Fully integrated |
Access to handle PoAs |  |  | ||
Verification | | |||
Authentication | | |||
Integration | | | ||
Cross-border interoperability | | |
Table 8. Maturity for technical standards and barriers regarding access, authentication, verification, integration and cross-border interoperability
Access to handle PoAs
In Denmark, the PoA landscape is relatively consolidated comprising only a few central access points to various digital PoAs within healthcare, business, and taxation sectors. The key platform solution is Digital fuldmagt (public PoAs incl. for healthcare and business PoAs when accessing from Virk), along with tastselvborger and tastselverhverv (taxation), as well as MitID Erhverv and Virk (business). To a large extent, PoAs can be handled, stored, and used digitally.
Danish citizens can access and manage PoAs related to the healthcare sector (along with a range of other public PoAs), through the platform solution, Digital fuldmagt, developed by the Danish Agency for Digitalisation.
Danish taxation matters are divided into two platform solutions for citizen and business respectively. For citizens and residents, taxation PoAs are handled and managed on tastselvborger, while businesses handle them on tastselverhverv (from here “TastSelv”). On these platforms, users can choose to login to their own account or that of someone from who they have been assigned a PoA to access.
For the business sector, businesses can assign PoAs to employees, other organisations, and external consultants (e.g. accountants or lawyers) on the platform solutions MitID Erhverv and Virk. MitID Erhverv is its own solution, from which PoAs can be granted and managed, whereas Virk directs users to a business version of digital fuldmagt, working identically to digital fuldmagt, but with business oriented PoAs. The PoAs can grant varying levels of access and authority, e.g. access to financial reporting, execution of business transactions or signing contracts. Within the platforms, there are different variations of PoAs. For example, a CEO may grant an accountant the right to submit tax filings or financial reports, while a legal representative may be given the power to sign contracts or register company changes. Moreover, it is possible to authorize a person to make major business decisions, such as signing contracts or establishing a subsidiary. Lastly, a business authorisation solution where, typically, a representative of a small business can grant authorisations to other organisations and employees in other organisations. The platform solutions for the business sector are rather mature since businesses have their own digital identity via MitID Erhverv, although this involves complexity (see verification). Additionally, the presence of two platforms increases complexity as well.
Digital fuldmagt and MitID Erhverv provide national solutions compiling access to many public and business PoAs for users in a simplified way, with shared infrastructure components. However, not all sectors are covered, such as taxation and other public authorities. Nevertheless, it is in the process of being implemented across all public authorities. Overall, this complexity creates challenges, as citizens sometimes must contact individual authorities separately. Moreover, the separated solutions for taxation and business matters creates additional complexity. However, tastselvehrverv is in the process of transitioning to MitID Erhverv, which may help reduce some of the complexity.
In the Faroe Islands, there are distinct platforms for each sector, Vangin for healthcare and public matters, Borgaragluggin for taxation matters and Vinnugluggin for business, all require the national eID, Samleikin for access. From Vangin users can manage PoAs, view digital mail, view and perform online tasks related to public services. For healthcare matters, PoAs can be accessed, granted, viewed, and used on Vangin, demonstrating a high level of maturity for healthcare.
Taxation matters on the other hand require a more manual process involving filling out a PDF and signing with an electronic signature, then sending to the tax authority. After processing, assignee and assignor are notified via Minboks, in Vangin, from here, the assignee can view and utilise the PoA in Borgaragluggin and sign in as the assignor.
For business related matters, users must log into Vinnugluggin, the business equivalent of Borgaragluggin, from here business PoAs such as power to act on behalf of a company can be granted. However, similarly to taxation matters, this is also done via the submitting of a form, rather than fully on the platform. As a result, the maturity level is high for healthcare matters, slightly lower for taxation matters and business matters, resulting in intermediate maturity for the PoA landscape in the Faroe Islands.
In Greenland there is, as of today, no digital PoA solution. All PoAs are analogue and signed manually. MitID, the Danish national eID is however in use for online Banking.
Verification
In Denmark, the verification and authentication methods are standardised for handling PoAs, as they all require the national, EU-approved eID, MitID. It exists in two forms, MitID Privat (for private citizens and residents) and MitID Erhverv (for businesses). MitID is used to access all government institutions, PoAs, as well as used to verify identity and authenticate for private services such as banking and business PoAs.
MitID Privat necessitates a national identity number (CPR), which is required for all Danish citizens and residents. When first acquiring MitID Privat, verification is required via a physical picture ID such as a passport or driver’s license, which serves as a proof of identity. This method is characterised as a qualified electronic signature, that is the highest level of maturity. Moreover, a login with MitID to PoA services thus verifies the digital identity automatically. MitID Privat can also be used for business, when citizens are given rights to view or handle a business’s information by logging in to Virk or MitID Erhverv.
MitID Erhverv is the authorization solution for businesses. It enables employees, owners, or other organisations to act on behalf of the company by logging into MitID Erhverv with their personal MitID or MitiD Erhverv identity. The eID entails different solutions, depending on various factors such as ownership. To get MitID Erhverv, businesses must have a company registry number, a leadership representative and additional documentation. After the first login, administrators and user rights are assigned on the platform.
In the Faroe Islands, verification to digital PoA solutions is handled through Samleikin, the national e-ID. Samleikin works similarly to MitID privat in Denmark, in that it provides access to all online public services. Samleikin is a trusted service provider and complies with the euIDAS, despite not being a member of the EU. Additionally, Samleikin uses QES to ensure the highest level of security when processing PoAs and other activities requiring an electronic signature. As a result, the Faroes Island’s solution for verification follows a similar level of maturity to Denmark.
Authentication
In Denmark, the identity of both the assignor and assignee is authenticated using MitID, which acts as a centralized authentication solution. Accessing a PoA platform solution with MitID requires multifactor login, involving user ID to launch the MitID app on the phone, submitting a password or biometrics in the app, followed by approval in the app. This ensures that only the authorized individuals can create and use PoAs. Additionally, encryption and data security measures are built in to protect personal information throughout the entire process. The authentication level can also be considered highly secure and thereby also demonstrates an advanced level of digital PoA maturity.
In the Faroe Islands, access to Samleikin requires the Faroese social security number, (p-tal), full name, telephone number, and a picture ID such as passport or driver’s license. Samleikin is required for access to PoAs and therefore follows the same level of authentication maturity as Denmark.
Integration
In Denmark, the main PoA solution (Digital fuldmagt), along with the two others described (TastSelv and MitID Erhverv) integrate with other relevant third-party platforms to some extent. For instance, Digital fuldmagt aggregates PoAs across various sectors, and integrates healthcare PoAs to relevant platforms and entities, such as Sundhed.dk. This allows assignees to view the assignor’s health data if a PoA has been granted via Digital fuldmagt. However, the solutions face challenges as the they do not sufficiently support representation by third parties. For example, it is currently not possible to grant complex PoAs, even though citizens have the right under administrative law to authorize someone in specific cases. Furthermore, Denmark is currently exploring general authorizations that are not specific, but cross-cutting to encompass both the public and private sectors. Considering the above, the Danish PoA landscape is yet to be fully integrated into a one-stop-solution but is highly advanced.
When the assignee interacts with a third party, such as a public authority or service provider, the third party verifies the validity of the PoA by checking it through the Digital Fuldmagt system. This can involve scanning a QR code, accessing the PoA digitally, or viewing documentation that confirms the assignee’s authority. In this way, the third party can see the details of the PoA, such as its scope and duration, ensuring that the assignee has the correct permissions to act on behalf of the assignor.
In the Faroe Islands, the national eID Samleikin is integrated across public and private platforms for verification and authentication. Additionally, some integration from taxation and healthcare PoAs is possible via the Vangin platform, however, any further integration availability is either lacking or unknown. Therefore, integration maturity for the Faroe Islands is relatively low, except for the national eID.
Cross-border interoperability
Non-Danish eID holders can access Danish e-services like PoA solutions by linking their eID to a Danish CPR number, as a part of the implementation of the eIDAS-Node. Yet, non-residents face hurdles, as Denmark lacks a system to reliably identify and authorize individuals without a CPR number despite some EU countries having effective registries, which presents security and identification challenges. Establishing such a system is complex and costly.
In relation to the EU's new regulations (eID, EHDS, etc.), Denmark is thus facing the challenge of integrating additional elements into its existing solutions and creating connections to other EU countries. However, the Danish PoA and MitID solutions are considered feasible to continuously be the backbone of the Danish implementation of these regulations. Even if credentials for the right to represent a party is issued in a digital wallet (i.e. EUDIW), there will still be a need for sources to verify these credentials, and the existing authorization solutions are trusted to be well-suited for this purpose.
Additionally, processing tax matters for non-residents is challenging. Despite non-residents being liable for Danish taxes and partially served by TastSelvBorger, authorizing, and registering them in the system is fraught with difficulties, complicating accurate management of their tax-related information.
For the Faroe Islands, integration with Danish systems is not currently available, however, citizens with a Danish CPR number can acquire Samleikin, the national e-ID, to access Faroese platforms. While the Faroe Islands has an e-ID compliant with eIDAS, the Faroe Islands are not an EU member state and therefore cross border integration is unlikely. Cross border integration maturity in the Faroe Islands is therefore low.
1.1.2 PoA Process
This section outlines the general process and user journey for the assignors and assignees of PoAs in Denmark.
Access & verification
Danish citizens access Digital fuldmagt, TastSelv, or MitID Erhverv. They log into the platforms using MitID, which also verifies and authenticates their digital identities.
Faroese citizens access Vangin or Borgaragluggi. They log into the platforms using Samleikin, which also verifies and authenticates their digital identities.
Create PoA
The three Danish platforms generally present solutions that allow citizens to assign, request, and view PoAs. Citizens can grant or request PoAs, which involves selecting assignee or assignor, defining the scope of the PoA, and setting the time limit.
For Faroese citizens, Vangin allows granting of PoA to view health data and other matters. Requesting PoA remains unclear. Taxation and business matters require processing of a form filled out and sent to the authorities via PDF format and signed with an electronic signature (Samleikin).
Use PoA
In Denmark, once a PoA is assigned to a natural person or legal person, they will receive a notification in their digital inbox (e-Boks). Thereafter, assignees can view and use the PoA within the defined scope by logging into the needed service using their own private MitID.
In the Faroe Islands, once a PoA is assigned, they will receive a notification in the digital inbox (Minboks) on Vangin, excepting business matters, which is unclear. Thereafter, the PoA can be used by assignees from the needed service by logging in with their Samleikin.
Terminate PoA
In Denmark the PoA will terminate automatically within the after the define time limit is expired.
1.2 Legal Aspects
The following section will first present an overview of legal topics, followed by a review of EU initiatives.
In Denmark and the Faroe Islands, digital powers of attorney (PoAs) are used across various sectors like health, taxation, and business, with platforms providing specific services such as vaccine registrations or tax filings. In Denmark, PoAs have a legal basis in acts such as the Danish Agreement Act, and both natural and legal persons using MitID which is a Danish eID solution. Assignors are legally bound by PoAs as long as assignees act within given permissions, but there can be liability issues if actions fall outside of these boundaries. Conditions for granting PoAs include age and mental competence requirements, and businesses need to supply additional details like CVR numbers. In the Faroe Islands, digital identity and PoAs are accessible to citizens from 13 years of age with a Faroese civil registration number. Denmark is in the planning phase of implementing key EU initiatives, such as eIDAS 2.0, OOTS, while SDGR and EUDIW are in the pilot phases or partly implemented.
1.2.1 Legal Topics
This section covers the legal topics also included in the main report: semantics, types of PoAs, legal basis, liability, and legal barriers.
Semantics
In Denmark, e.g. Danish Health Authority, SKAT (Tax Authority), the Danish Business Authority (Erhvervsstyrelsen) municipalities, or other public institutions that provide online services through platforms like sundhed.dk, borger.dk, or su.dk as well as financial service providers or institutions, e.g. banks.
In the Faroe Islands, a third party could be Samleikin (National Digitalisation Programme), Minboks/Vangin (National Digitalisation Programme) and TAKS (The Faroese tax authority).
Health sector | Taxation sector | Business sector | |
Assignor | Danish citizen or resident who needs assistance in managing their interactions with public authorities online. | Danish taxpayer, pensioner, or anyone with tax obligations in Denmark. | The legal entity or company. |
Assignee | Family member, friend, or trusted person. | Family member, friend, or trusted person -Alternatively, an accounting company or individual capable of managing tax returns and such. | An employee, such as a CFO, an external accountant or lawyer. |
Table 9. Assignor and assignee roles across sectors
Types of PoAs
The most frequently used PoAs in Denmark are specific/limited powers of attorney allowing the assignee to act on behalf of the assignor in specific matters.
For the health sector, the collected data include i.e. registering and viewing vaccinations, accessing health journals, and managing doctor’s appointments. For the tax sector, the data shows citizens authorizing assignees to access their tax records, submit annual tax returns, and handle various tax-related tasks online. For the business sector, the collected data include authorizations for natural persons to execute business transactions, such as filing reports, applying for permits, or conducting administrative tasks.
Legal basis
In Denmark, the legal basis for entering and handing PoAs in general include, i.a. the Public Administration Act “Forvaltningsloven”, the Agreement Act “Aftaleloven” and the unwritten legal principle “Freedom of contract” which states that all natural and legal persons as a starting point have the freedom enter into all types of agreements. The Agreement Act is applicable in all kinds of agreements that are legally binding, however, the Public Administration Act is applicable when a PoA is used between a public administration and a citizen which ensures comprehensive coverage of representation rights.
Fundamentally, when both citizens and businesses grant a PoA, it is binding. It covers exactly what has been agreed upon. Thus, if e.g. a municipality wants to modify its authorization solution to include additional functionalities beyond what was initially intended, the existing authorization must be deleted and a new one created.
Specifically, for businesses, all authorization solutions are based on the MitID and NemLogin Act, Section 11. The law serves three purposes:
- granting authorizations to use the solution,
- granting permissions to make the solution available to all other authorities, and
- exempting authorities from the competition requirement in this area, meaning they are not required to put tasks out to tender but can directly approach businesses to meet their needs.
Regarding the health and taxation sectors, there are no specific regulation besides the legal acts mentioned above. The data available to the country experts regarding legal basis regarding PoAs in Greenland and the Faroe Islands has been limited.
Liability
In Denmark a distinction is made between authorization (Danish: “Legitimation”) and empowerment (Danish: “Bemyndigelse”). The authorization forms the framework for the external aspects of the PoA, while the empowerment encompasses the internal aspects of the PoA. Provided that the assignee acts within the boundaries of the PoAs empowerment and authorization, the assignor is legally bound by the agreement. However, if the assignee acts outside of the empowerment and authorization granted, the assignor will not be legally bound by this agreement - regardless of whether the third party acted in good faith.
However, there may also be a case where the assignee acts outside the empowerment but within the authorization granted. In such cases, the assignor will have entered into a legally binding agreement with the third party, provided that the third party acted in good faith. These instances will require further assessment of the specific circumstances.
Legal barriers
In Denmark, the conditions for using Digital Fuldmagt involves several criteria related to the assignor, the assignee, and the usage of the PoA itself. Below are the key conditions for the assignee/assignor of PoAs across all sectors related e.g. to age, mental health, nationality etc.
- Age: The assignor must be at least 15 years old to grant a digital PoA. The assignee, or the person who is going to act on behalf of the assignor, must also be at least 15 years old. An example of a specific challenge regarding age regulation was discovered during the COVID period, where permanently incapacitated children in the age 15 to 17 couldn’t access their children's test results or vaccination certificates, as, according to health law, children become independent at 15. However, parents can't apply for guardianship until the child turns 18, leaving a three-year gap.
- Mental Health: Both the assignor and the assignee must be mentally capable of understanding the implications of granting and using a PoA. If an assignor is not mentally competent, they cannot grant a digital PoA. In such cases, other legal arrangements, like guardianship or a future PoA, might be necessary.
- Nationality: There are no specific nationality requirements for using Digital Fuldmagt. However, the assignor and assignee need to have access to MitID, which is a Danish eID.
- Employment Status: There are no specific employment status requirements for using Digital Fuldmagt. It is available for any individual who meets the other conditions as mentioned above, regardless of whether they are employed, self-employed, or unemployed.
For businesses, the assignor must provide the CVR number and specific information about the organization to which the assignor wants to grant the authorization, as well as the names of the individuals who will be assigned the authorization.
In the Faroe Islands in order to obtain a Samleikin log-in which is the Faroese eID and is required to access Borgaragluggin or for businesses: Vinnugluggin, which is the self-service sites for citizens and businesses, the citizen needs to be 13 years of age and have a Faroese civil registration number (“p-number”). To obtain a p-number or temporary p-number, the citizen needs to register with the Citizens Service in a given municipality or apply through TAKS for a temporary p-number. Further, it is stated in the Digital Identity Act, section 6, that persons who are at least 13 years old, have a Faroese p-number and can document their physical identity, have the right to become users of the digital identity. However, The Governor General may authorize persons other than those mentioned above to become users with full or limited rights to the digital identity, cf. section 6, para 2.
1.2.2 Status of implementation of relevant EU initiatives
The table below summarises the implementation status for each regulative in the Danish context. The content is unfolded in the section below.
Legal | Have not started | Planning implementation | Pilot phase or partly implemented | Fully implemented |
Electronic, Identification, Authentication and Trust Services (eIDAS 2.0) | | |||
Once Only Technical System (OOTS) | | |||
EU Single Digital Gateway Regulation (SDGR) | | |||
EU Digital Identity Wallet (EUDIW) | | |||
The European Health Data Space (EHDS) | | |||
Upgrading Digital Company Law (UDCL) | N/A | |||
Table 10. The implementation status for each regulative in the Danish context
Electronic, Identification, Authentication and Trust Services (eIDAS 2.0)
According to the Danish Digitalization Agency, the revised version of eIDAS is being implemented towards 2026. However, the fact that the regulation is being implemented towards 2026 doesn’t state much about the status of the implementation which is why the score given is indefinite.
Once Only Technical System (OOTS)
The collected data shows the once-only principle became operational in Denmark in December 2023. However, in the European Commission’s “June 2024 version of the OOTS Acceleratormeter” it is currently in a preliminary phase where the development and integration has started.
EU Single Digital Gateway Regulation (SDGR)
According to the Danish Digitalization Agency, Denmark is working towards connecting NemLog-in with the Danish eID-gateway which is assumed to be completed in H2 2025. However, the Danish national authorities have implemented this obligation through the portals lifeindenmark.dk and BusinessInDenmark.virk.dk.
EU Digital Identity Wallet (EUDIW)
- According to the data collected, Denmark is participating in three pilot projects including EU Digital Identity Wallet Consortium (EWC), POTENTIAL and DC4EU. These projects were launched in April 2023 and cover use cases such as digital driving licenses, payments, and educational and professional qualifications. Denmark is currently in a pilot phase testing the solution and has not yet fully implemented the EU Digital Identity Wallet.
The European Health Data Space (EHDS) and Upgrading Digital Company Law (UDCL)
Grades for the implementation of EHDS and UDCL are not included, cf. paragraph Error! Reference source not found. above. The Danish Health Data Authority participates in two projects related to the EHDS.
1.3 Social inclusion
In the table below, it is visualized what the status is for Denmark’s work with ensuring digital inclusion, while the following text elaborate what kind of measures Denmark has implemented. The table also shows what the status is on the different measures, as some of them are fully implemented while others are partly implemented. The general picture for Denmark is, however, that most of the identified measures have already been implemented in the public sector.
Social | Have not started | Planning implementation | Partly implemented | Fully implemented |
Options for physical PoAs | | |||
English language options available | | |||
Information Systems for people with impairments | | |||
Alternative access to digital ID | | |||
Spokesperson/ representation of other people to obtain a PoA | | |||
Education, support-service and facilitators to obtain a digital PoA | |
Table 11. Status of Denmark’s work with ensuring digital inclusion
1.3.1 Options for physical PoAs
Denmark has implemented options for physical PoAs which are used in cases where it is not possible for a person to issue a digital PoA. This can be in cases where elderly people are unable to create a digital PoA through a digital platform due to the lack of digital skills and/or health status. In these cases, it is necessary to have the possibility of granting a physical PoA through physical presence of, which are then digitized by an authority figure. The Agency for Digitalization has made an agreement with municipal service centers, so it is now the citizen services in municipalities that handle this task on behalf of the administration if an elderly person have struggles in the PoA process.
In the Faroe Islands, physical documents can be used when digital PoA creation is not possible. Through Borgaragluggin and Vangin it is possible to upload documents with a physical PoA.
1.3.2 English language options available
For non-Danish speakers, a version of the digital citizen platform “borger.dk” is available in English. The English version of the platform “lifeindenmark.dk” also contains links to digital attorney forms described in English.
This is the same in the Faroe Islands. On both Vangin and TAKS, English language options are available. Physical PoA documents can likewise be accessed in English.
1.3.3 Information Systems for people with impairments
Since 2007, Denmark has implemented website accessibility.
The Faroese digital infrastructure, including Vangin and Borgaragluggin, complies with the Web Content Accessibility Guidelines (WCAG) 2.1, ensuring high contrast, keyboard navigation, and screen reader compatibility.
1.3.4 Alternative access to digital ID
Certain institutions, such as psychiatric wards, are authorized to establish or renew patients' digital ID (MitID), reducing stress and saving resources by eliminating the need for patients to visit municipal offices. This decentralized approach to digital ID has been partially implemented, offering a more convenient and less anxiety-inducing experience.
If you live in the Faroe Islands, it is mandatory to have a P-number. If you have a P-number, you can access all digital PoA services.
1.3.5 Spokesperson/representation of other people to obtain a PoA
For citizens unable to manage their digital tasks, systems are in place allowing relatives or guardians to handle PoAs on their behalf. Through the digital PoA system, the designated representative can act for the assignor using their own digital ID (MitID). This system is fully implemented in the public sector.
In the Faroe Islands, representation for creating PoAs is possible under specific guidelines. Borgaragluggin allows citizens to assign PoA for tax-related tasks, either through its portal or via physical documentation. A Samleikin ID and P-tal are required, and PoA validity is typically up to three years, with renewal options available.
1.3.6 Education, support-service and facilitators to obtain a digital PoA
Several municipalities have introduced advisory services to help citizens and their families understand and create digital PoAs. These services often involve structured, well-organized meetings to ensure that vulnerable individuals and their relatives receive the support they need. While education and support services are available, their implementation varies across municipalities.
In the Faroe Islands, some training videos have been developed for creating digital powers of attorney. Some are fully implemented, while others are awaiting final approvals before being made public.