All posts by Jan Kuhlmann

Appeal Relating to Project “European Health Data Space”

The Commission of the European Union has introduced the proposal for a “European Health Data Space” EHDS. It is currently being discussed in the LIBE Committee (for Civil Liberties, Justice and Home Affairs) of the EU Parliament. A first statement about it can be found here. Last week, German association Patientenrechte und Datenschutz (Patient’s Rights and Data Protection) wrote to all members of the LIBE Committee and their staff. Here is the text of its current submission.

The proposed regulation on the European Health Data Space (EHDS) is supposed to serve patients, provide new rights and benefits. But in fact, it creates a “single market” for personal health information by technically organising it via central storage and, above all, making it available to third parties. 

Patients will have to worry that their particularly sensitive medical data will fall into the hands of unauthorised persons. This undermines trust in doctors and other professional helpers – and jeopardises the basis of any medical treatment. 

Central storage is unnecessary, as decentralised systems would also be possible and feasible. Moreover, the electronic health record is not in the hands of the data subject, but is managed by a third party.

From the patient’s point of view, the entire concept in its current form ist to be rejected.

Specifically, we consider the following points to be particularly critical:

Primary use: compulsory electronic health record

Art. 3 (1) of the draft regulation ostensibly creates a “right” for people in Europe “to access their personal electronic health data […] immediately […]”.  Similarly, Art. 3 (8) constructs a “right” for patients to give other persons access to their health data “immediately”.

Yet, in fact, it is an obligation without alternative.

Immediate access to remote data requires technical accessibility at all times. Either this is achieved via central storage or the networking and constant (online) availability of all systems that process patient data. Both approaches enable malicious or criminal attacks or data breaches. How often medical files fall into the wrong hands in this way is something you can read about in the media every week.

The draft regulation requires all data holders to fill an electronic health record (EHR) for each patient (Art. 7 para. 1). Patients are deprived of the possibility to decide about their personal data themselves. They will not be asked.

Compulsion to the electronic patient file is to be rejected on principle.

Secondary use: for research, but also for boosting the economy

Art. 34 lists purposes for which a “secondary use” – i.e. the disclosure of data without the knowledge or consent of the data subjects – should be permitted. Many of these purposes are formulated very vaguely. This allows a wide range of interested parties to access health records. 

Patients cannot block their health records from secondary use.

According to the draft regulation, electtronic health records must be anonymised or pseudonymised before secondary use. A definition of these terms, and the procedures to be applied, is missing.

Personal medical data are as unique in their combination as a fingerprint. By linking them with information from other sources (internet, address data), it is possible to identify the data subject from almost any “anonymised” data set.

Moreover, “pseudonymisation” can be reversed.

A compulsion to “secondary use” is to be opposed on principle.

Legal basis

According to Art. 168 (7) of the “Treaty on the Functioning of the European Union” (TFEU), “the management of health services and medical care” is the sole responsibility of the Member States.

The proposal’s provisions on primary and secondary data use interfere significantly with the management of health care and, in this form, exceed the competences of the EU by far.


We propose

  • to create ways for the doctors and therapists involved in a patient’s treatment to exchange data directly in encrypted form (at the request of the patient),
  • to create electronic health records only at the request of the patient concerned (opt-in),  
  • to allow secondary use only on the basis of the informed and voluntary consent of the data subjects (opt-in), 
  • to strictly limit the permissible purposes of “secondary use” to non-profit research,
  • to protect the privacy particularly of ill persons by imposing severe penalties on the disclosure and/or repersonalisation of medical data,
  • to introduce a liability to pay compensation for victims of data loss. The disclosure of health information can cause considerable damage to the person concerned and genetically related persons and can have an effect for generations. Therefore, all data users must be liable, regardless of fault, if health records given to them fall into the wrong hands.
  • to establish a fund that will step in if the parties liable to pay compensation are insolvent or elusive. This compensation fund should be financed through the fees for secondary data use provided for in the draft (Art. 42).

We are confident that the proposed amendments will help to avert or mitigate the major risks of the EHDS project.

All things considered, we believe it would be sensible for the EU Commission to withdraw its proposal and redesign the project while safeguarding patients’ rights.

This could include established concepts for decentralised storage as well as patient- rather than industry-friendly designs of the EHR and allow for a slow convergence of the different healthcare systems.

Detailed Change Proposals to EHDS

According to European Parliament’s (EP) EHDS schedule, fractions and their “shadow reporters” can propose changes to the first draft of the comittee report on EHDS, until March 23, 2023. The time for proposing such changes is now.

We have been asked by someone from an EP fraction, to propose such changes until end of February. As there was no time for coordinationg a group response, I answered personally.

Unfortunately we were unable to put our requirements into this document within one or two weeks. We are only activists working in our free time. We think this kind of work should be done by professionals like you. Our statement, in which you can find a lot of hints, is here:

But anyway, I have entered some of our suggestions into the report, using the correction function of MS Word. This is my personal contribution, not one of our group. Please note that we see two lines of defense with EHDS. Therefore, if I would have had more time I had to make two sets of changes to the document, one for each line of defense. In the attached document, both lines of defense are combined, which makes things a little clumsy. One must know more about the power relationships behind the proposal before deciding which way to go.

Line of defense 1: Privacy of medical data means, protecting the doctor-patient relationship in the same way and with the same rigidity as the relationship between lawyer and client. The principle of line 1 is that medical data don’t leave the doctor’s office except with consent from the patient. In this line, the argument that there is no competency of the EU for a regulation like this is most important. The set of changes, on this line, would mean wiping out around half of the proposal’s text.

Line of defense 2: Secondary use of health data cannot be prevented, or (according to some) should be facilitated. In this case, a lot of detail improvements to the proposal must be requested. I entered some of them in the attachment. A lot more could be done, with more time. I propose an online meeting between some experts to find out how to proceed.

Due to MS Word malfunctions, it is difficult to find the changes in the attachment, so here is a list:

  • Recitals 1, 8, 16a, 49a
  • Articles 3 par 1, 7, 35a

Hopefully, we can create much more proposals and improve these ones. There is no necessary conflict between these two lines of defense, they can be followed in parallel. One example is the proposal of strict liability and a compensation scheme for secondary use of health data, which belongs to line of defense 2.

EHDS Information Exchange

This site is about EU’s legislative project EHDS (European Health Data Space) and similar projects in member states.

There is a menu on the upper right hand side, with our page’s structure. You can explore other pages. On these pages you’ll find a lot of links to documents.

The commission’s proposal of a regulation is here. It is currently discussed in EU’s parliament and council. A joint opinion on it by EU’s data protection authorities has been given.

The parliament’s time schedule for processing this file with names of reporters and fraction’s shadow reporters is here. The parliament’s comittees involved are Civil Liberties, Justice and Home Affairs (LIBE) and Environment, Public Health and Food Safety (ENVI). Current status is that the first version of a comittee report has been drafted.