Better healthcare with portability rights
The law would give patients the right to access their personal health data across the EU’s different healthcare systems (so-called primary use), and allow health professionals to access data on their patients. Access would include patient summaries, electronic prescriptions, medical imagery and laboratory results.
Each country would establish national health data access services based on the MyHealth@EU platform. The law would also set out rules on the quality and security of data for providers of Electronic Health Records (EHR) systems in the EU, to be monitored by national market surveillance authorities.
Data-sharing for the common good with safeguards
The EHDS would make possible the sharing of aggregated health data, including on pathogens, health claims and reimbursements, genetic data and public health registry information, for reasons of health-related public interest, including research, innovation, policy-making, education, patient safety or regulatory purposes (so-called secondary use).
At the same time, the rules would ban certain uses, for example advertising, decisions to exclude people from benefits or types of insurance, or sharing to third parties without permission. Requests to access secondary data would under these rules be handled by national bodies, which would ensure data is only provided in an anonymised or, if necessary, pseudonymised format.
In their draft position, MEPs want to make explicit permission by patients mandatory for the secondary use of certain sensitive health data, and provide for an opt-out mechanism for other data. They also want to give citizens the right to challenge a decision of a health data access body, and allow non-profit organisations to lodge complaints on their behalf. The adopted position would also expand the list of cases where a secondary use would be banned, for example in the labour market or for financial services. It would ensure that all EU countries receive sufficient funding to provide protections for the secondary use of data, and protect data falling under intellectual property rights or constituting trade secrets.