EPSU joins civil society demanding better safeguards in the European Health Data Space

©pexels-engin-akyurt-4052207

( 27 February 2024) As negotiations in trilogue between the European Parliament and Council are nearing conclusion EPSU joint a group of civil society organisations demanding better safe guards for data of patients. The group of organisations understands the opportunities of the European Health Data Space (EHDS) to promote health data and patient record sharing within the frame of direct medical treatment of patients (primary use). We do maintain it is essential to include strong and meaningful safeguards regarding the use of health data for secondary purposes, such as research and product development by companies, and policy-making by governments.

Due to the absence of a consent requirement in the EHDS proposal, patients lose control over the sharing of their own medical data. An EHDS that obliges healthcare providers to share patient data without consent violates the principle of doctor-patient confidentiality and undermines the fundamental principles of privacy set out in the EU General Data Protection Regulation (GDPR).

Moreover, with the EHDS proposal, the EU is rolling out the red carpet for Big Tech companies such as Amazon, Google, and Microsoft, which are becoming increasingly active in the healthcare sector. The EHDS offers Big Tech an unprecedented opportunity to use EU citizens’ health data – perhaps the most personal and sensitive form of data – to expand its already problematic monopolistic market power into the health sector. This does not align with the efforts of EU governments to counter the growing power of Big Tech, e.g. through the Digital Services Act and Digital Markets Act.

The final design of the EHDS should include:

  • The right for patients across the EU to at least opt-out from the use of their health data for primary and secondary purposes.
  • The requirement for companies to charge fair prices and ensure widespread accessibility of the products and services that were developed using EU citizens’ health data, so that EU citizens and health systems actually benefit from the data they provide.
  • The inclusion of the voice of EU citizens in the decisions on who is granted access to their health data and under what conditions. Health Data Access Bodies must be governed in a transparent, democratic, and independent manner. Industry representatives who may have an interest in accessing patient data for secondary use should not be allowed to partake in the governance of these data access bodies.
  • Governments and market regulators must act against the growing monopolistic market positions of Big Tech companies. Governments and national health systems should invest in public and transparent digital health infrastructures.

For the full statement