The Swedish Presidency of the Council of the European Union has started work on the proposal for a Regulation on a European Health Data Space (or EHDS) (see EUROPE 12944/11, EUROPE 13078/23).
On Monday 16 January, the Secretariat-General of the EU Council sent delegations a Presidency compromise proposal on Chapters I (general provisions) and IV (secondary use of electronic health data) of the future Regulation.
Among other changes proposed, in the definition of the future Regulation, the Presidency specifically includes wellness applications claiming interoperability with the EHDS.
The Swedish Presidency would like to specify that the future Regulation establishes governance and co-option at national and European level for the primary and secondary use of the EHDS.
It also wishes to clarify that the Regulation would not apply to activities concerning public security, defence and national security.
In its definitions, the Presidency clarifies, inter alia, the term ‘health data holder’ and that lawful access to data is in accordance with a data authorisation or a data request that complies with the future Regulation.
The Presidency proposes the following definition for personal electronic health data: “Personal electronic health data means personal data concerning health and genetic data as defined in Regulation (EU) 2016/679 [also known as the General Data Protection Regulation (GDPR) (Editor’s note)] processed in an electronic form”.
Secondary use is defined as use for purposes as described in Article 34 of the future EHDS Regulation.
In the compromise proposal, it would be the Member States, rather than the health data access bodies, that would have the possibility to make additional categories of health data accessible for secondary use.
The Regulation could create a legal obligation for the health data holder to make electronic health data available to the health data access body upon request. Should this not be possible, the access body would be obliged to take appropriate measures and, as a minimum, to make publicly available the information specified in Article 14 (1)(2) of Regulation 2016/79.
The Swedish Presidency proposes to reduce the frequency of the activity reports of the health data access bodies from annual to biennial.
The compromise proposal introduces elements to be included (identity of the access requester and his/her function and identity of the persons who will have access to the electronic health data) in the usage plan to be provided when applying for a data permit for secondary use of health data.
The Swedish Presidency also proposes criteria to be met by applicants for access to health data in order to obtain data authorisation. Compliance with these criteria will have to be verified by a health data access body.
More info: https://aeur.eu/f/4yv (Original version in French by Émilie Vanderhulst)