Leaked Draft European Health Data Area Regulation Sets Ambitious Goals and… Requirements for Health Data Sharing


The creation of a European data space is one of the priorities of the European Commission, including for the health sector (https://ec.europa.eu/health/ehealth-digital-health-and-care /european-health-data -space_fr). The COVID-19 pandemic has exposed how decentralized and disconnected EU member states are with each other when it comes to health data. One reason for this is that only around half of EU member states have a national electronic health record (“EHR”), and robust data infrastructure and interoperability are also often lacking. .

One of the objectives of the European Health Data Space (“EHDS”) is therefore to advance this exchange of health data across Europe. This exchange of course directly supports the delivery of health care. Besides this primary use of health data, large datasets are also important for research, innovation, policy making, regulatory purposes, and personalized medicine purposes (so-called secondary use of data or reuse of data).

While the European Commission has yet to formally propose its EHDS regulation in April, a leaked draft version is already circulating. After going through the 140-page document, here are some of the highlights:

  • The proposed EHDS regulation defines health data in the broadest sense and includes: electronic health records; data on complaints and reimbursements; genetic and genomic data; disease registers; data from clinical studies and safety reports; biomedical data, including from biobanks; insurance, lifestyle and behavior data.
  • This data may be collected by the public (including via medical devices and wellness/lifestyle apps), non-profit organizations, or private healthcare providers.
  • In order to facilitate cross-border data exchange, EHR systems will need to meet certain minimum interoperability and security requirements and will need to be reviewed by Notified Bodies through a compliance assessment of the management system. quality in order to obtain CE marking.
  • The focus is not only on accessing and sharing health data to support primary care, but also to support scientific research and the development of new treatments, drugs, medical devices and services. Use of data for training, testing and evaluation of algorithms in medical devices (including digital health applications) is also permitted. However, the data may not be viewed or reused for commercial advertising, including marketing activities aimed at healthcare professionals and patient organisations.
  • A pilot EHDS infrastructure for the reuse of health data should be operational by 2025 (see consortium application here: https://eupha.org/repository/EUPHA_newsletter/2022/20220307_EHDS2Pilot_JointPressRelease_En_VF.pdf)
  • In terms of governance, competent national authorities will be designated to consider requests for access and (re)use of data and will issue “data permits” for this purpose. Datasets made available by competent bodies may have a label of quality and usefulness of the data. At EU level, the regulation proposes to establish a “European Digital and Health Data Board”.
  • Expect a complex interaction between the EHDS Regulation and existing rules (e.g. GDPR; EU MDR/IVDR; NIS) as well as rules currently still under development (e.g. Data Governance Law; the bill; the AI ​​law).

Comments are closed.