The need for a European Health Data Space
Secure and exploitable data flows are a key element in the European Strategy for Data. They are perceived as an asset set to fuel Europe’s future innovations, increase the competitivity of its companies and contribute to the overall quality of life of its citizens.
Against this background, healthcare services witness important shifts toward digitalization. As Europe finds itself evermore reliant on health data in the wake of a pandemic, the European Health Data Space establishes itself as a prospect in the usage of health data to reinforce integration and to allow a European Health Union to emerge.
What is the European Health Data Space?
The European Health Data Space (EHDS) is one of several data spaces proposed by the European Commission to reaffirm the perspective of a data-driven, innovative Europe. It is set to become a first sector-specific data space that would secure health-related data, reinforce cooperation in healthcare and incite data-demanding innovation.
The Proposal for a regulation – The European Health Data Space builds its structure upon a set of legal texts such as the Clinical Trials Regulation and the General Data Protection Regulation (GDPR). For example, the proposal is set to facilitate secondary use of health data for research purposes while enshrining data subjects’ rights to control their data. The proposal reinforces cross-border cooperation in tele-medicine to facilitate reimbursement, interoperability while reconfirming data privacy and liability of health actors.
The EHDS proposal also aims to be a tool for health data governance. In this sense, it establishes a set of infrastructures to better make use of the available data. The main two being Myhealth@EU and Healthdata@EU. The former is set to empower data subjects regarding the use of their health data while creating interoperability through new and standardized formats of health data exchanges. The latter concerns secondary use of the data and will implement a health data access system and formalize uses and reuses of data. The final aim is to make it easier for academia and industries to conduct innovative research.
Privanova participates in several EU-funded projects that are related to the security, availability and fairness of health data such as AI4HEALTHSEC that aims to apply Artificial Intelligence to the security of health infrastructure; FACILITATE, that aims to put patients in the centre of clinical trials by organizing the returning of their data; as well as DigiCare4You that aims to integrate communities in the screening of diabetes.
European Health Data Space – research and innovation potential
It is no secret that health data is a precious resource for industries and academia. Its collection and use can pose logistical, ethical, and legal questions. As personal health data is categorised as sensitive data under the GDPR, its initial collection can make it scarce before any anonymization takes place.
To ensure a viable use of the health data in possession of data holders, the EHDS makes it binding to safeguard a certain minimum of health data. This data can then be accessed and used by researchers. This comes with a set of precautions found in the proposal. The main guarantee for the fair use of the data for secondary use is a to-be-established health data access body that would issue an access permit to the entity that solicits a certain amount of data. The data is then made available by the access body on a secured environment.
The mechanism is set to instore a form of health data sharing inspired by the FAIR principles and that would be more binding that the existent eHealth Network that is perceived as limited in scope.
A dataset catalogue is also proposed; this catalogue is set to indicate to researchers the quality, location, and accessibility of data before formulating a formal access request to the competent body.
European Health Data Space – risks and challenges
The EHDS is set to dynamize data sharing, minimize delays and reinforce the patient’s role in healthcare. However, many challenges lay ahead of the proposal.
Data protection is one of the main concerns in the current text. In this regard a joint opinion by the European Data Protection Board and the European Data Protection Supervisor was adopted on the 12th of July 2022 in which a series of questions were raised.
A main issue is hosting of health data on the servers of third countries. In this sense, it was requested to add a provision ensuring that health data is stored in the EEA.
Another comment formulated by the EDPS Supervisor, Wojciech Wiewiórowski, stated that:
Wellness applications and other digital health applications should [therefore] be excluded from being made available for secondary use.
The perspective of establishing health data authorities was also questioned. In this sense, the opinion stated that data protection authorities (DPAs) should be the sole competent authorities responsible for data protection issues. This aims to clarify points of contacts to data subjects and avoid overlapping competences.
These critiques highlight that data protection and ethical compliance are not only important in ensuring the viability and sustainability of project results but also of upcoming regulations and infrastructure.
It is expected that the proposal will integrate further guarantees in terms of data protection in order to achieve its goal in creating new opportunities for academia and industries to leverage health data.