LEAK: The EU Commission’s data space for unleashing health data

The European Health Data Space is the first of the Common European data spaces, which will cover sectors such as finance, energy and mobility. [Sergey Nivens/Shutterstock]

The European Commission is set to propose a new governance framework for health data with cross-border interoperability requirements and a pan-European infrastructure in the first sectorial legislation of this kind, according to a draft seen by EURACTIV.

The EU’s health data space proposal is considered “the fuel that drives the European Health Union forward,” a reference to the plan launched in the aftermath of the COVID pandemic to reshape the way healthcare is dealt with across the bloc.

It is also the first sectorial legislation meant to build on the Data Governance Act and the Data Act, respectively the horizontal legislation on data governance and a recently presented EU law on data-sharing.

The main goals of the regulation are to make the healthcare sector more efficient and advance scientific research in the telehealth area, and “unleash the health data economy”, fostering the development of new digital health services and products.

European Commission pitches data sharing obligations in Data Act proposal

On Wednesday (23 February), the EU executive presented its draft for the new data law with only minor changes compared to the proposal leaked by EURACTIV earlier this month.

Individuals’ rights on ‘primary’ use

For the Commission, individuals should have the right to access a minimum set of ‘primary’ health data, including vaccination, electronic prescriptions, images, laboratory results, discharge reports, and others – using a free of charge access service.

The Commission hopes that this standardisation could empower the right of patients’ control over their health data in electronic format.

These new rules will also affect existing product markets such as electronic health records, medical software products and wellness apps.

The individuals will also have the right to restrict access to such data or share it with third parties free of charge. The European Digital Identity Framework, a proposal to establish an online identification system compatible across the EU, will enable cross-border functionality.

European Commission proposes 'digital identity wallet'

The European Commission has introduced a legislative proposal for an EU “digital identity wallet” that would allow numerous services like opening a bank account or filing tax returns to be done purely digitally.

‘Secondary use’ for personalised medicines

The legislative proposals include provisions on the thorny issue of re-using health data for so-called ‘secondary use’, namely data created and registered for health services or activities that can be used for purposes other than the reason for which they were initially collected.

For the regulation, secondary use includes health records, social data, administrative data, genetic and genomic data, public registries, clinical studies, research questionnaires, and biomedical data such as biobanks.

For the Commission, the use of secondary data for better research and better policymaking can significantly boost the innovative field of personalised medicines.

The secondary use data is in raw form and the additional information obtained processing the data in the context of healthcare services.

The list of allowed uses includes informing regulatory decisions and supporting public authorities in carrying out their tasks, as well as in education, scientific research, developing innovative solutions for public interests, and training algorithms with medical applications.

Conversely, some purposes are explicitly forbidden, such as informing decisions against individuals with legal effects, including insurance premiums, commercial advertising, and selling data to third parties.

The draft regulation also includes provisions to implement ‘data altruism’ in the health sector, a concept introduced in the Data Governance Act to provide legal status to entities that process personal data for reasons of public interest, for instance, medical research.

Data governance: new EU law for data-sharing adopted

EU co-legislators found a middle ground on the Data Governance Act (DGA) by adopting new rules for data sharing, marking the first step of the European data strategy.

A brand new health data governance

The Commission is to establish a formal expert group, the European Digital and Health Data Board, to ensure cooperation between the competent authorities, particularly the relation between primary and secondary use of electronic health data.

Two expert subgroups of the Board will deal with health data for healthcare delivery and health data application for research, innovation, policymaking and regulatory purposes.

These bodies will manage the requests to access secondary data, minimising the amount of data shared and anonymising or aggregating the data when relevant.

The Board will support and advise the Commission on developing the labelling, certification and data quality guidelines and requirements.

Interoperability and international transfers

Another crucial area is the interoperability of health data across the borders, with the establishment of dedicated digital infrastructure to exchange health data between healthcare providers within countries.

Interoperability with electronic health record systems could reduce unnecessary or duplicated tests since healthcare professionals can easily access patients’ medical history, leading to substantial savings for patients and the health system.

The health data space echoes measures in the Data Act, notably introducing limits to international transfers of non-personal health data.

LEAK: Data Act’s proposed rules for data sharing, cloud switching, interoperability

The Data Act proposal defines the rules for sharing data, conditions for access by public bodies, international data transfers, cloud switching and interoperability, according to a draft seen by EURACTIV.

Mandatory certification scheme and health data infrastructure

The draft proposal outlines specific requirements for the Electronic Health Record (EHR) systems, the software used for storing and sharing health records. The annex includes a set of requirements, including interoperability and security, and outlines the technical specifications these systems would have to fulfil.

In terms of interoperability, EHR systems need to ensure compatibility with the European infrastructure and the ability to share health data with other health professionals and entities. These requirements would be operationalised via existing technical standards or common specifications identified by the European Commission.

The EU executive will also pitch a common infrastructure called MyHealth@EU to facilitate the cross-border exchange of electronic health data between National Contact Points designated by the member states.

Funding: EU4Health, Horizon, Recovery plans

The newly established EU4Health programme and digital health-related funding under the Horizon Europe and Digital Europe programmes will support investments in the European health data space.

In particular, the EU4Health programme will support the MyHealth@EU platform and the pilot project to develop the new decentralised EU infrastructure for secondary use of data already in 2022.

Some of the funding will also come from NextGenerationEU, as 22 member states have already earmarked a total of €12 billion in investments contributing to digital health in their recovery plans.

[Edited by Zoran Radosavljevic]

Subscribe to our newsletters

Subscribe