Assessment of the EU Member States’ rules on health data in the light of GDPR

Author (Person)	Hansen, Johan, Kirwan, Mar, Kroneman, Madelon, van Veen, Evert-Ben, Verheij, Robert, Verhoeven, Eline, Wilson, Petra
Author (Corporate)	European Commission: Consumers Health and Food Executive Agency (CHAFEA)
Publisher	Publications Office of the European Union
Publication Date	2021
ISBN	978-92-9478-785-9
EC	EB-01-21-045-EN-N
Content Type	Research Paper
	Summary: A study was conducted with the objective to examine and present the EU Member States’ rules governing the processing of health data in light of the GDPR, with the objective of highlighting possible differences and identifying elements that might affect the cross-border exchange of health data in the EU, and examining the potential for EU level action to support health data use and re-use. We distinguish between using health data for primary purposes (for treatment of the patient) and secondary purposes (for research, registries and management of the healthcare system). The study provides an evidence-based comparison of the state of play regarding health data governance within the EU. This will help to assess in what areas EU intervention might be needed and if so, through which types of measures, be it measures such as a Code of Conduct for data processing in the health area, which could be supported by an EU level implementing act or more direct legislative action, taking into account the particularities of the health systems in the Member States. The study uses a mixed-methods approach, consisting of the following elements: Literature review to provide an overview of best practices, bottlenecks, policy options and possible solutions already identified in the literature. Mapping legal and technical aspects of health data usage at national level to provide an overview of the differences among countries in legislation, regulation and governance models regarding processing health data. In-depth case studies of national governance models for health data sharing. Workshops held with MoH representatives, experts, stakeholder representatives and experts from national data protection offices. Stakeholder Survey to cross validate and supplement the topics addressed and identified in the Member State legal and technical aspects mapping. The results of this study allow for a detailed assessment of possible elements at Member States/EU level that might affect the movement of health data across borders. It also identifies practices that could facilitate this exchange of data, as well as possible policy options for strategies in this area. Finally, we explored possibilities for sustainable governance structures for health data collection, processing and transfer, as well as measures empowering citizens to have more control of their own health data and to ensure portability and interoperability of these data.
Source Link	Link to Main Source https://doi.org/10.2818/546193 Alternative Source 1 Alternative sources https://op.europa.eu/en/publication-detail/-/publication/8337c9ed-7009-11eb-9ac9-01aa75ed71a1
Related Links	Publications Office of the European Union: Assessment of the EU Member States’ rules on health data in the light of GDPR - Country fiches for all EU MS https://doi.org/10.2818/09448
Subject Categories	Health
Subject Tags	Public Health
Keywords	Data Hosting \| Storage, Data Privacy \| Protection, e-Health, General Data Protection Regulation [GDPR]
International Organisations	European Union [EU]