Citizens of EU member states today generate vast and increasing quantities of data about their bodies and minds, not least in the form of personal medical records. Such personal data is sensitive but at the same time, when aggregated, highly valuable for research and innovation.
As a data regulation superpower, the EU generally seeks to balance personal rights and the integrity of the single market as it regulates the generation, storage, transfer and use of personal data. It has now trained its sights on health data and its stated objective is to give citizens greater control over their personal data and facilitate secure sharing.
In this new analysis for SIEPS, David Fåhraeus (PhD candidate in law, Uppsala University), Jane Reichel (professor in administrative law, Stockholm University) and Santa Slokenberga (senior lecturer in administrative law, Uppsala University) explain the proposal to create a European Health Data Space and outline some core aspects: its legal basis, the distinction between primary and secondary use of the data, and the technical and administrative mechanisms envisaged.
The authors go on to examine the expected implications for key stakeholders including patients, healthcare workers and institutions, health-technology and pharmaceutical firms, and public authorities. They conclude that while the legal framework could well help transform healthcare and catalyse health-related innovation and research in Europe, there remain major questions that need to be considered and addressed.