69 Amendments of Antoni COMÍN I OLIVERES related to 2022/0140(COD)
Amendment 175 #
Proposal for a regulation
Recital 1 a (new)
Recital 1 a (new)
(1 a) In line with the One Health and Health in All Policies principles, legally defined in Article 3 of the Regulation (EU) No 2022/2371 of the European Parliament and of the Council of 23 November 2022 on serious cross-border threats to health and repealing Decision No 1082/2013/EU, the protection of human health is a matter which has a cross-cutting dimension and is relevant to numerous Union policies and activities. Following these two principles, the Union has created, develops and monitors its EHDS.
Amendment 182 #
Proposal for a regulation
Recital 2 a (new)
Recital 2 a (new)
(2 a) It is important to bear in mind that health data is not a natural resource that is available for exploitation, but a very sensitive resource which can put individuals, families and companies at risk. Among other relevant legal provisions, this Regulations sets out that electronic health data should be stored in the territory of the Union. It also seeks to ensure the right of every patient to have their data stored with the doctor or therapist of their choice, not remotely, but accessible, and ensure that it is not at risk of hacking. Finally, patients should be asked to give their consent to share their data. Therefore, patients should be asked to be totally in charge of their data and if they want to share it.
Amendment 198 #
Proposal for a regulation
Recital 6
Recital 6
Amendment 199 #
Proposal for a regulation
Recital 7
Recital 7
(7) In health systems, personal electronic health data is usually gathered in electronic health records, which typically contain a natural person’s medical history, diagnoses and treatment, medications, allergies, immunisations, as well as radiology images and laboratory results, spread between different entities from the health system (general practitioners, hospitals, pharmacies, care services). In order to enable that electronic health data to be accessed, shared and changed by the natural persons or health professionals, some Member States have taken the necessary legal and technical measures and set up centralised infrastructures connecting EHR systems used by healthcare providers and natural persons. Alternatively, some Member States support public and private healthcare providers to set up personal health data spaces to enable interoperability between different healthcare providers. Several Member States have also supported or provided health data access services for patients and health professionals (for instance through patients or health professional portals). They have also taken measures to ensure that EHR systems or wellness applications are able to transmit electronic health data with the central EHR system (some Member States do this by ensuring, for instance, a system of certification). However, not all Member States have put in place such systems, and the Member States that have implemented them have done so in a fragmented manner. In order to facilitate the free movement of personal health data across the Union and avoid negative consequences for patients when receiving healthcare in cross-border context, Union action is needed in order to ensure individuals have improved acess to their own personal electronic health data and are empowered to share it. In this respect, and in order to avoid administrative fragmentation and to achieve a sufficiently interoperable, understandable and user-friendly system in all Member States and regions, appropriate funding and administrative support at Union level should be considered. Allowing for a fully decentralised federated data system at Union level has the potential to save infrastructure costs and to mitigate privacy concerns, as well as push the privacy-efficiency trade-off further out, generating the same efficiency levels for more privacy. Federated learning systems bring the algorithms to the data and researchers can retrieve only derived data, not the underlying individual electronic health registers.
Amendment 227 #
Proposal for a regulation
Recital 12
Recital 12
(12) Natural persons should be able to exercise control over the transmission of personal electronic health data to other healthcare providers. Healthcare providers and other organisations providing EHRs should facilitate the exercise of this right. Stakeholders such as healthcare providers, digital health service providers, manufacturers of EHR systems or medical devices should not limit or block the exercise of the right of portability because of the use of proprietary standards or other measures taken to limit the portability. For these reasons, the framework laid down by this Regulation builds on the right to data portability established in Regulation (EU) 2016/679 by ensuring that natural persons as data subjects can transmit their electronic health data, including inferred data, irrespective of the legal basis for processing the electronic health data. This right should apply to electronic health data processed by public or private controllers, irrespective of the legal basis for processing the data under in accordance with the Regulation (EU) 2016/679. This right should apply to all electronic health data.
Amendment 252 #
(19) The level of availability of personal health and genetic data in an electronic format varies between Member States. The EHDS should make it easier for natural persons to have those data available in electronic format. This would also contribute to the achievement of the target of 100% of Union citizens having access to their electronic health records by 2030, as referred to in the Policy Programme “Path to the Digital Decade”. In order to make electronic health data accesible and transmissible, such data should be accessed and transmitted in an interoperable common European electronic health record exchange format, at least for certain categories of electronic health data, such as patient summaries, electronic prescriptions and dispensations, medical images and image reports, laboratory results and discharge reports, subject to transition periods. Where personal electronic health data is made available to a healthcare provider or a pharmacy by a natural person, with her total knowledge and consent, or is transmitted by another data controller in the European electronic health record exchange format, the electronic health data should be read and accepted for the provision of healthcare or for dispensation of a medicinal product, thus supporting the provision of the health care services or the dispensation of the electronic prescription. Commission Recommendation (EU) 2019/24345provides the foundations for such a common European electronic health record exchange format. The use of European electronic health record exchange format should become more generalised at EU and national level. While the eHealth Network under Article 14 of Directive 2011/24/EU of the European Parliament and of the Council46recommended Member States to use the European electronic health record exchange format in procurements, in order to improve interoperability, uptake was limited in practice, resulting in fragmented landscape and uneven access to and portability of electronic health data. _________________ 45 Commission Recommendation (EU) 2019/243 of 6 February 2019 on a European Electronic Health Record exchange format (OJ L 39, 11.2.2019, p. 18). 46 Directive 2011/24/EU of the European Parliament and of the Council of 9 March 2011 on the application of patients’ rights in cross-border healthcare (OJ L 88, 4.4.2011, p. 45).
Amendment 275 #
Proposal for a regulation
Recital 24
Recital 24
(24) Access to and transmission of electronic health data is relevant in cross- border healthcare situations, as it may support continuity of healthcare when natural persons travel to other Member States or change their place of residence. Continuity of care and rapid access to personal electronic health data is even more important for residents in border regions, crossing the border frequently to get health care. In many border regions, some specialised health care services may be available closer across the border rather than in the same Member State. An infrastructure is needed for the transmission of personal electronic health data across borders, in situations where a natural person is using services of a healthcare provider established in another Member State. A voluntary infrastructure for that purpose, MyHealth@EU, has been established as part of the actions provided for in Article 14 of Directive 2011/24/EU. Through MyHealth@EU, Member States started to provide natural persons with the possibility to share their personal electronic health data with healthcare providers when travelling abroad. To further support such possibilities, the participation of Member States and, where applicable, regions in the digital infrastructure MyHealth@EU should become mandatory. All Member States should join the infrastructure and connect healthcare providers and pharmacies to it, as this is necessary for the implementation of the rights of natural persons to access and make use of their personal electronic health data regardless of the Member State. The infrastructure should be gradually expanded to support further categories of electronic health data. Finally, in order to guarantee the linguistic rights of natural persons to access and make use of their personal electronic health data, MyHealth@EU should be accessible in the language of preference of the natural person, including all officially recognised languages in Member States.
Amendment 283 #
Proposal for a regulation
Recital 25
Recital 25
(25) In the context of MyHealth@EU, a central platform should provide a common infrastructure for the Member States and all their regions to ensure connectivity and interoperability in an efficient and secure way. In order to guarantee compliance with data protection rules and to provide a risk management framework for the transmission of personal electronic health data, the Commission should, by means of implementing acts, allocate specific responsibilities among the Member States, as joint controllers, and prescribe its own obligations, as processor. Where applicable, regions with health competences should also be entrusted such tasks.
Amendment 322 #
Proposal for a regulation
Recital 37
Recital 37
(37) For the secondary use of the clinical data for research, innovation, scientific development, policy making, regulatory purposes, patient safety or the treatment of other natural persons, the possibilities offered by Regulation (EU) 2016/679 for a Union law should be used as a basis and rules and mechanisms and providing suitable and specific measures to safeguard the rights and freedoms of the natural persons. This Regulation provides the legal basis in accordance with Articles 9(2) (g), (h), (i) and (j) of Regulation (EU) 2016/679 for the secondary use of health data, establishing the safeguards for processing, in terms of lawful purposes, trusted governance for providing access to health data (through health data access bodies) and processing in a secure environment, as well as modalities for data processing, set out in the data permit. At the same time, the data applicant should demonstrate a legal basis pursuant to Article 6 of Regulation (EU) 2016/679, based on which they could request access to data pursuant to this Regulation and should fulfil the conditions set out in Chapter IV. More specifically: for processing of electronic health data held by the data holder pursuant to this Regulation, this Regulation creates the legal obligation in the sense of Article 6(1) point (c) of Regulation (EU) 2016/679 for disclosing the data by the data holder to health data access bodies, while the legal basis for the purpose of the initial processing (e.g. delivery of care) is unaffected. This Regulation also meets the conditions for such processing pursuant to Articles 9(2) (h),(i),(j) of the Regulation (EU) 2016/679. This Regulation assigns tasks in the public interest to the health data access bodies (running the secure processing environment, processing data before they are used, etc.) in the sense of Article 6(1)(e) of Regulation (EU) 2016/679 to the health data access bodies, and meets the requirements of Article 9(2)(h),(i),(j) of the Regulation (EU) 2016/679. Therefore, in this case, this Regulation provides the legal basis under Article 6 and meets the requirements of Article 9 of that Regulation on the conditions under which electronic health data can be processed. In the case where the user has access to electronic health data (for secondary use of data for one of the purposes defined in this Regulation), the data user should demonstrate its legal basis pursuant to Articles 6(1), points (e) or (f), of Regulation (EU) 2016/679 and explain the specific legal basis on which it relies as part of the application for access to electronic health data pursuant to this Regulation: on the basis of the applicable legislation, where the legal basis under Regulation (EU) 2016/679 is Article 6(1), point (e), or on Article 6(1), point (f), of Regulation (EU) 2016/679. If the user relies upon a legal basis offered by Article 6(1), point (e), it should make reference to another EU or national law, different from this Regulation, mandating the user to process personal health data for the compliance of its tasks. If the lawful ground for processing by the user is Article 6(1), point (f), of Regulation (EU) 2016/679, in this case it is this Regulation that provides the safeguards. In this context, the data permits issued by the health data access bodies are an administrative decision defining the conditions for the access to the data.
Amendment 332 #
Proposal for a regulation
Recital 38
Recital 38
(38) In the context of the EHDS, the electronic health data already exists and is being collected by healthcare providers, professional associations, public institutions, regulators, researchers, insurers etc. in the course of their activities. Some categories of data are collected primarily for the provisions of healthcare (e.g. electronic health records, genetic data, claims data, etc.), others are collected also for other purposes such as research, statistics, patient safety, regulatory activities or policy making (e.g. disease registries, policy making registries, registries concerning the side effects of medicinal products or medical devices, etc.). For instance, European databases that facilitate data (re)use are available in some areas, such as cancer (European Cancer Information System) or rare diseases (European Platform on Rare Disease Registration, ERN registries, etc.). These data should also be made available for secondary use. However, much of the existing health-related data is not made available for purposes other than that for which they were collected. This limits the ability of researchers, innovators, policy- makers, regulators and doctors to use those data for different purposes, including research, innovation, scientific development, policy-making, regulatory purposes, patient safety or personalised medicine. In order to fully unleash the benefits of the secondary use of electronic health data, all data holders should contribute to this effort in making different categories of electronic health data they are holding available for secondary use.
Amendment 344 #
Proposal for a regulation
Recital 40
Recital 40
(40) The data holders can be public, non for profit or private health or care providers, public, non for profit and private organisations, associations or other entities, public and private entities that carry out research with regards to the health sector that process the categories of health and health related data mentioned above. In order to avoid a disproportionate burden on small entities, micro-enterprises are excluded from the obligation to make their data available for secondary use in the framework of EHDS. The public or private entities often receive public funding, from national or Union funds to collect and process electronic health data for research, statistics (official or not) or other similar purposes, including in area where the collection of such data is fragmented of difficult, such as rare diseases, cancer etc. Such data, collected and processed by data holders with the support of Union or national public funding, should be made available by data holders to health data access bodies, in order to maximise the impact of the public investment and support research, innovation, patient safety or policy making benefitting the society. In some Member States, private entities, including private healthcare providers and professional associations, play a pivotal role in the health sector. The health data held by such providers should also be made available for secondary use. At the same time, data benefiting from specific legal protection such as intellectual property from medical device companies or pharmaceutical companies often enjoy copyright protection or similar types of protection. However, pPublic authorities and regulators should have access to such data, for instance in the event of pandemics, to verify defective devices and protect human health. In times of severe public health concerns (for example, PIP breast implants fraud) it appeared very difficult for public authorities to get access to such data to understand the causes and knowledge of manufacturer concerning the defects of some devices. The COVID-19 pandemic also revealed the difficulty for policy makers to have access to health data and other data related to health. Such data should be made available for public and regulatory activities, supporting public bodies to carry out their legal mandate, while complying with, where relevant and possible, the protection enjoyed by commercial data. Specific rules in relation to the secondary use of health data should be provided. Data altruism activities may be carried out by different entities, in the context of Regulation […] [Data Governance Act COM/2020/767 final] and taking into account the specificities of the health sector.
Amendment 361 #
Proposal for a regulation
Recital 41
Recital 41
(41) The secondary use of health data under EHDS should enable the public, private, not for profit entities, as well as individual researchers to have access to health data for research, innovation, scientific development, policy making, educational activities, patient safety, regulatory activities or personalised medicine, in line with the purposes set out in this Regulation. Access to data for secondary use should contribute to the general interest of the society. Activities for which access in the context of this Regulation is lawful may include using the electronic health data for tasks carried out by public bodies, such as exercise of public duty, including public health surveillance, planning and reporting duties, health policy making, ensuring patient safety, quality of care, and the sustainability of health care systems. Public bodies and Union institutions, bodies, offices and agencies may require to have regular access to electronic health data for an extended period of time, including in order to fulfil their mandate, which is provided by this Regulation. Public sector bodies may carry out such research activities by using third parties, including sub-contractors, as long as the public sector body remain at all time the supervisor of these activities. The provision of the data should also support activities related to scientific research (including private non-profit research), development and innovation, producing goods and services for the health or care sectors, such as innovation activities or training of AI algorithms that could protect the health or care of natural persons. In some cases, the information of some natural persons (such as genomic information of natural persons with a certain disease) could support the diagnosis or treatment of other natural persons. There is a need for public bodies to go beyond the emergency scope of Chapter V of Regulation […] [Data Act COM/2022/68 final]. However, the public sector bodies may request the support of health data access bodies for processing or linking data. This Regulation provides a channel for public sector bodies to obtain access to information that they require for fulfilling their tasks assigned to them by law, but does not extend the mandate of such public sector bodies. Any attempt to use the data for any measures detrimental to the natural person, to increase insurance premiums, to advertise products or treatments, or develop harmful products should be prohibited.
Amendment 385 #
Proposal for a regulation
Recital 47
Recital 47
(47) Health data access bodies and single data holders should be allowed to charge fees based on the provisions of Regulation […] [Data Governance Act COM/2020/767 final] in relation to their tasks. Such fees may take into account the situation and interest of SMEs, individual researchers or public bodies. Data holders should be allowed to also charge fees for making data available. Such fees should reflect the costs for providing such services. Private dData holders may also charge fees for the collection of data. In order to ensure a harmonised approach concerning fee policies and structure, the Commission may adopt implementing acts. Provisions in Article 10 of the Regulation [Data Act COM/2022/68 final] should apply for fees charged under this Regulation.
Amendment 404 #
Proposal for a regulation
Recital 51
Recital 51
(51) As the resources of health data access bodies are limited, they can apply prioritisation rules, for instance prioritising public institutions before private non- profit entities, but they should not make any discrimination between the national or from organisations from other Member States or, where applicable, regions with health legislative and executive competences, within the same category of priorities. The data user should be able to extend the duration of the data permit in order, for example, to allow access to the datasets to reviewers of scientific publication or to enable additional analysis of the dataset based on the initial findings. This would require an amendment of the data permit and may be subject to an additonal fee. However, in all the cases, the data permit should reflect theses additionals uses of the dataset. Preferably, the data user should mention them in their initial request for the issuance of the data permit. In order to ensure a harmonised approach between health data access bodies, the Commission should support the harmonisation of data permit.
Amendment 503 #
Proposal for a regulation
Article 2 – paragraph 1 – point f a (new)
Article 2 – paragraph 1 – point f a (new)
(f a) the definitions of ‘One Health’ and ‘Health in All Policies’ pursuant to Article 3 of the Regulation (EU) No 2022/2371 of the European Parliament and of the Council of 23 November 2022 on serious cross-border threats to health and repealing Decision No 1082/2013/EU;
Amendment 567 #
Proposal for a regulation
Article 2 – paragraph 2 – point s
Article 2 – paragraph 2 – point s
(s) ‘central platform for digital health’ means an interoperability platform providing services to support and facilitate the exchange of electronic health data between national or, where applicable, regional contact points for digital health;
Amendment 568 #
Proposal for a regulation
Article 2 – paragraph 2 – point u a (new)
Article 2 – paragraph 2 – point u a (new)
(u a) ‘regional contact point for secondary use of electronic health data’ means an organisational and technical gateway enabling the cross-border secondary use of electronic health data, under the responsibility of a region with health competences within a Member State;
Amendment 569 #
Proposal for a regulation
Article 2 – paragraph 2 – point v
Article 2 – paragraph 2 – point v
(v) ‘central platform for secondary use of electronic health data’ means an interoperability platform established by the Commission, providing services to support and facilitate the exchange of information between national contact points for secondary use of electronic health data;
Amendment 570 #
Proposal for a regulation
Article 2 – paragraph 2 – point x
Article 2 – paragraph 2 – point x
(x) ‘HealthData@EU’ means the infrastructure connecting national or, where applicable, regional contact points for secondary use of electronic health data and the central platform;
Amendment 580 #
Proposal for a regulation
Article 2 – paragraph 2 – point y
Article 2 – paragraph 2 – point y
(y) ‘data holder’ means any natural or legal person, which is an public entity or a body in the health or care sector, or performing research in relation to these sectors, as well as Union institutions, bodies, offices and agencies who has the right or obligation, in accordance with this Regulation, applicable Union law or national legislation implementing Union law, or in the case of non-personal data, through control of the technical design of a product and related services, the ability to make available, including to register, provide, restrict access or exchange certain data;
Amendment 596 #
Proposal for a regulation
Article 2 – paragraph 2 – point ae a (new)
Article 2 – paragraph 2 – point ae a (new)
(ae a) ‘public sector body’ means national, regional or local authorities of the Member States, and bodies governed by public law of the Member States, or associations formed by one or more such authorities or one or more such bodies and Union institutions, bodies, offices and agencies when carrying out tasks enshrined in their mandate;
Amendment 604 #
Proposal for a regulation
Article 2 – paragraph 2 – point ae b (new)
Article 2 – paragraph 2 – point ae b (new)
(ae b) ‘innovation activities’ means actions taken to create new products or services, or improve existing products, services, methods and models to expand health results and quality, based on good practices and lessons learned;
Amendment 610 #
Proposal for a regulation
Article 2 – paragraph 2 – point ae c (new)
Article 2 – paragraph 2 – point ae c (new)
(ae c) ‘languages’ in this Regulation means the use of all the languages of the Union, notwithstanding their official status in the Union, which are official in a Member State, in regional entities of the Member State, especially in those regions with legislative and health executive competences.
Amendment 844 #
Proposal for a regulation
Article 10 – paragraph 2 – point f
Article 10 – paragraph 2 – point f
(f) supervise the national contact points for digital health and cooperate with other digital health authorities and the Commission on further development of MyHealth@EU;
Amendment 910 #
Proposal for a regulation
Article 12 – paragraph 1
Article 12 – paragraph 1
1. The Commission shall establish a central platform for digital health to provide services to support and facilitate the exchange of electronic health data between national contact points for digital health of the Member States.
Amendment 911 #
Proposal for a regulation
Article 12 – paragraph 2
Article 12 – paragraph 2
2. Each Member State shall designate one national contact point for digital health to ensure the connection to all other national or, where applicable, regional contact points for digital health and to the central platform for digital health. Where a designated national contact point is an entity consisting of multiple organisations responsible for implementing different services, the Member State shall communicate to the Commission a description of the separation of tasks between the organisations. The national contact point for digital health shall be considered an authorised participant in the infrastructure. Each Member State shall communicate the identity of its national contact point to the Commission by [the date of application of this Regulation]. Such contact point may be established within the digital health authority established by Article 10 of this Regulation. Member States shall communicate to the Commission any subsequent modification of the identity of those contact points. The Commission and the Member States shall make this information publicly available.
Amendment 913 #
Proposal for a regulation
Article 12 – paragraph 3
Article 12 – paragraph 3
3. Each national contact point for digital health shall enable the exchange of the personal electronic health data referred to in Article 5 with all other national contact points. The exchange shall be based on the European electronic health record exchange format.
Amendment 928 #
Proposal for a regulation
Article 12 – paragraph 7
Article 12 – paragraph 7
7. The national or, where applicable, regional contact points for digital health shall act as joint controllers of the electronic health data communicated through ‘MyHealth@EU’ for the processing operations in which they are involved. The Commission shall act as processor.
Amendment 929 #
Proposal for a regulation
Article 12 – paragraph 7 a (new)
Article 12 – paragraph 7 a (new)
7 a. In order to guarantee the linguistic rights of natural persons to access and make use of their personal electronic health data, MyHealth@EU shall be accessible in the language of preference of the natural person, including all officially recognised lenguages in Member States.
Amendment 935 #
Proposal for a regulation
Article 13 – paragraph 1
Article 13 – paragraph 1
1. Member States may provide through MyHealth@EU supplementary services that facilitate telemedicine, mobile health, access by natural persons to their translated health data and use of their language of preference, including all officially recognised languages in Member States, exchange or verification of health-related certificates, including vaccination card services supporting public health and public health monitoring or digital health systems, services and interoperable applications, with a view to achieving a high level of trust and security, enhancing continuity of care and ensuring access to safe and high- quality healthcare. The Commission shall, by means of implementing acts, set out the technical aspects of such provision. Those implementing acts shall be adopted in accordance with the advisory procedure referred to in Article 68(2).
Amendment 1009 #
Proposal for a regulation
Article 19 – paragraph 7
Article 19 – paragraph 7
7. Importers shall, further to a reasoned request from a market surveillance authority, provide it with all the information and documentation necessary to demonstrate the conformity of an EHR system in the official languages of the Member State where the market surveillance authority is located. They shall cooperate with that authority, at its request, on any action taken to bring their EHR systems in conformity with the essential requirements laid down in Annex II.
Amendment 1039 #
Proposal for a regulation
Article 24 – paragraph 3
Article 24 – paragraph 3
3. The technical documentation shall be drawn up in one of the official languages of the Union. Following a reasoned request from the market surveillance authority of a Member State, the manufacturer shall provide a translation of the relevant parts of the technical documentation into the official languages of that Member State.
Amendment 1047 #
Proposal for a regulation
Article 26 – paragraph 3
Article 26 – paragraph 3
3. The EU declaration of conformity shall, as a minimum, contain the information set out in Annex IV and shall be translated into one or more official Union languages determined by the Member State(s) in which the EHR system is made available. Manufacturers shall provide a translation of the relevant parts of the technical documentation into all the official languages of Member States.
Amendment 1109 #
Proposal for a regulation
Article 31 – paragraph 4
Article 31 – paragraph 4
4. The label shall be drawn-up in one or more official languages of the Union or languages determined by the Member State(s) in which the in which the wellness application is placed on the market.
Amendment 1226 #
Proposal for a regulation
Article 33 – paragraph 3
Article 33 – paragraph 3
3. The electronic health data referred to in paragraph 1 shall cover data processed for the provision of health or care or for public health, research, innovation, policy making, official statistics, patient safety or regulatory purposes, collected by entities and bodies in the health or care sectors, including public and private providers of health or care, entities or bodies performing research in relation to these sectors, and Union institutions, bodies, offices and agencies.
Amendment 1262 #
Proposal for a regulation
Article 33 – paragraph 5
Article 33 – paragraph 5
5. Where the consent of the natural person is required by national law, health data access bodies shall rely on the obligations laid down in this Chapter to provide access to electronic health dataNatural persons shall have the right to decline the processing of their health data. Health data access bodies shall provide for an accessible and easily understandable opt-out mechanism, whereby natural persons must be offered the possibility to explicitly express their wish not to have their personal electronic health data processed for secondary use purposes.
Amendment 1281 #
Proposal for a regulation
Article 33 – paragraph 8
Article 33 – paragraph 8
8. Health data access bodies may provide access to additional categories of electronic health data that they have been entrusted with pursuant to national law or based on voluntary cooperation with the relevant data holders at national level, in particular to electronic health data held by private entities in the health sector.
Amendment 1307 #
Proposal for a regulation
Article 34 – paragraph 1 – point c
Article 34 – paragraph 1 – point c
(c) to produce national, multi-national, regional, local and Union level official statistics related to health or care sectors;
Amendment 1317 #
Proposal for a regulation
Article 34 – paragraph 1 – point e
Article 34 – paragraph 1 – point e
(e) scientific research related to public health or care sectors;
Amendment 1368 #
Proposal for a regulation
Article 35 – paragraph 1 – point a
Article 35 – paragraph 1 – point a
(a) taking decisions detrimental to a natural person based on their electronic health data, such as offers of employment, offering less favourable terms in the provision of goods or services such as insurance or other financial services; in order to qualify as “decisions”, they must produce legal effects or similarly significantly affect those natural persons;
Amendment 1383 #
Proposal for a regulation
Article 35 – paragraph 1 – point c
Article 35 – paragraph 1 – point c
(c) advertising or marketing activities or, any other economic or financial activity aimed at making corporative profits, towards health professionals, organisations in health or natural persons;
Amendment 1419 #
Proposal for a regulation
Article 35 – paragraph 1 a (new)
Article 35 – paragraph 1 a (new)
The infringement by secondary use data users of the purposes defined in the previous paragraph shall entail the termination of access and processing electronic health data obtained via a data permit issued pursuant Articles 43 and 46.
Amendment 1424 #
Proposal for a regulation
Article 36 – paragraph 1
Article 36 – paragraph 1
1. Health data access bodies shall be public entities or bodies. Member States shall designate one or more public health data access bodies responsible for granting access to electronic health data for secondary use. Member States may either establish one or more new public sector bodies or rely on existing public sector bodies or on internal services of public sector bodies that fulfil the conditions set out in this Article. Where a Member State designates several health data access bodies, it shall designate one health data access body to act as coordinator, with responsibility for coordinating requests with the other health data access bodies.
Amendment 1492 #
Proposal for a regulation
Article 37 – paragraph 1 – point j
Article 37 – paragraph 1 – point j
(j) cooperate with and supervise data holders to ensure the consistent and accurate implementation of the data quality and utility label set out in Article 56, as well as support them in order to ensure respect of the right to opt-out of data subjects referred to in Article 33(5);
Amendment 1498 #
Proposal for a regulation
Article 37 – paragraph 1 – point m
Article 37 – paragraph 1 – point m
(m) cooperate at Union and nat, national and, where applicable, regional level to lay down appropriate measures and requirements for accessing electronic health data in a secure processing environment;
Amendment 1501 #
Proposal for a regulation
Article 37 – paragraph 1 – point n
Article 37 – paragraph 1 – point n
(n) cooperate at Union and nat, national and, where applicable, regional level and provide advice to the Commission on techniques and best practices for electronic health data use and management;
Amendment 1509 #
Proposal for a regulation
Article 37 – paragraph 1 – point q – point i
Article 37 – paragraph 1 – point q – point i
(i) a national dataset catalogue that shall include details about the source and nature of electronic health data, in accordance with Articles 56 and 58, and the conditions for making electronic health data available. The national dataset catalogue shall also be made available to single information points under Article 8 of Regulation […] [Data Governance Act COM/2020/767 final];
Amendment 1514 #
Proposal for a regulation
Article 37 – paragraph 1 – point q – point iv a (new)
Article 37 – paragraph 1 – point q – point iv a (new)
(iv a) a list of data users whose data permits had to be terminated due to their infringement of Article 35;
Amendment 1520 #
Proposal for a regulation
Article 37 – paragraph 1 – point t a (new)
Article 37 – paragraph 1 – point t a (new)
Amendment 1531 #
Proposal for a regulation
Article 37 – paragraph 2 – point d
Article 37 – paragraph 2 – point d
(d) cooperate with other national competent bodies, including the national competent bodies supervising data altruism organisations under Regulation […] [Data Governance Act COM/2020/767 final], the competent authorities under Regulation […] [Data Act COM/2022/68 final] and the national competent authorities for Regulations (EU) 2017/745 and Regulation […] [AI Act COM/2021/206 final] .
Amendment 1533 #
Proposal for a regulation
Article 37 – paragraph 3
Article 37 – paragraph 3
3. The health data access bodies mayshall provide assistance to public sector bodies where those public sector bodies access electronic health data on the basis of Article 14 of Regulation […] [Data Act COM/2022/68 final].
Amendment 1542 #
Proposal for a regulation
Article 38 – paragraph 1 – point c
Article 38 – paragraph 1 – point c
(c) the applicable rights of natural persons in relation to secondary use of electronic health data, in particular the right to opt-out pursuant to Article 33(5), including detailed and understandable information on how to exercise those rights;
Amendment 1568 #
Proposal for a regulation
Article 38 – paragraph 3
Article 38 – paragraph 3
3. Where a health data access body is informed by a data user of a finding that may impact on the health of a natural person, the health data access body mayshall inform the natural person and his or her treating health professional about that finding within the natural day it was informed by the data user.
Amendment 1577 #
Proposal for a regulation
Article 38 – paragraph 4
Article 38 – paragraph 4
4. Member States and, where applicable, regions shall regularly inform the public at large about the role and benefits of health data access bodies.
Amendment 1579 #
Proposal for a regulation
Article 38 – paragraph 4 a (new)
Article 38 – paragraph 4 a (new)
4 a. Health data access bodies shall introduce easy and accessible means for natural persons to lodge complaints, both individually and collectively. Health data access bodies shall inform the complainants at all stages of the process. Health data access bodies shall duly inform about this right in the most visible manner through electronic means.
Amendment 1580 #
Proposal for a regulation
Article 38 – paragraph 4 b (new)
Article 38 – paragraph 4 b (new)
4 b. Natural persons shall be able to seek an effective judicial remedy against a legally binding decision of a health data access body concerning them. Health data access bodies shall duly inform about this right in the most visible manner through electronic means.
Amendment 1597 #
Proposal for a regulation
Article 39 – paragraph 1 – point n a (new)
Article 39 – paragraph 1 – point n a (new)
(n a) a list of data users whose data permits had to be terminated due to their infringement of Article 35.
Amendment 1669 #
Proposal for a regulation
Article 43 – paragraph 4
Article 43 – paragraph 4
4. Health data access bodies shall have the power to revokterminate the data permit issued pursuant to Article 46 and stop the affected electronic health data processing operation carried out by the data user in order to ensure the cessation of the non- compliance referred to in paragraph 3, immediately or within a reasonable time limit, and shall take appropriate and proportionate measures aimed at ensuring compliant processing by the data users. In this regard, the health data access bodies shall be able, where appropriate, to revoke to terminate the data permit and to exclude the data user from any access to electronic health data for a period of up to 5 years.
Amendment 1723 #
Proposal for a regulation
Article 44 – paragraph 3 a (new)
Article 44 – paragraph 3 a (new)
3 a. The failure by the data user to respect the measures of the health data access body ensuring anonymisation and pseudonymisation shall be subject to appropriate penalties pursuant Article 43.
Amendment 1784 #
Proposal for a regulation
Article 45 – paragraph 6
Article 45 – paragraph 6
6. The Commission may, assisted by the EHDS Board set out in Article 64, shall, by means of implementing acts, set out the templates for the data access application referred to in this Article, the data permit referred to in Article 46 and the data request referred to in Article 47. Those implementing acts shall be adopted in accordance with the procedure referred to in Article 68(2).
Amendment 1808 #
2. Health data access bodies shall refuse all applications including one or more purposes listed in Article 35 or where requirements in this Chapter are not met. The data authorisation shall not be granted where the data subject opted-out to the processing pursuant to Article 33(5).
Amendment 1888 #
Proposal for a regulation
Article 49
Article 49
Access to electronic health data from a 1. access to electronic health data only from a single data holder in a single Member State, by way of derogation from Article 45(1), that applicant may file a data access application or a data request directly to the data holder. The data access application shall comply with the requirements set out in Article 45 and the data request shall comply with requirements in Article 47. Multi-country requests and requests requiring a combination of datasets from several data holders shall be addressed to health data access bodies. 2. issue a data permit in accordance with Article 46 or provide an answer to a data request in accordance with Article 47. The data holder shall then provide access to the electronic health data in a secure processing environment in compliance with Article 50 and may charge fees in accordance with Article 42. 3. 51, the single data provider and the data user shall be deemed joint controllers. 4. shall inform the relevant health data access body by electronic means of all data access applications filed and all the data permits issued and the data requests fulfilled under this Article in order to enable the health data access body to fulfil its obligations under Article 37(1) and Article 39.rticle 49 deleted single data holder Where an applicant requests In such case, the data holder may By way of derogation from Article Within 3 months the data holder
Amendment 1927 #
Proposal for a regulation
Article 52 – paragraph 2
Article 52 – paragraph 2
2. The national contact points referred to in paragraph 1 shall be authorised participants in the cross-border infrastructure for secondary use of electronic health data (HealthData@EU). The national contact points shall facilitate the cross-border access to electronic health data for secondary use for different authorised participants in the infrastructure and shall cooperate closely with each other and with the Commission.
Amendment 1939 #
Proposal for a regulation
Article 52 – paragraph 8
Article 52 – paragraph 8
8. The Member States and the Commission shall set up HealthData@EU to support and facilitate the cross-border access to electronic health data for secondary use, connecting the national or, where applicable, regional contact points for secondary use of electronic health data of all Member States and authorised participants in that infrastructure.
Amendment 2046 #
Proposal for a regulation
Article 65 – paragraph 1 – point a
Article 65 – paragraph 1 – point a
(a) to assist Member States and, where appropriate, regions in coordinating practices of digital health authorities;
Amendment 2055 #
Proposal for a regulation
Article 65 – paragraph 2 – point a
Article 65 – paragraph 2 – point a
(a) to assist Member States and, where appropriate, regions in coordinating practices of health data access bodies in the implementation of provisions set out in Chapters IV, to ensure a consistent application of this Regulation;
Amendment 2068 #
Proposal for a regulation
Article 65 – paragraph 2 – point f a (new)
Article 65 – paragraph 2 – point f a (new)
(fa) to publish an annual report to include the implementation status of the European Health Data Space and other relevant points of development, including the respect to the opt-out mechanism, cross-border health data interoperability, implementation challenges, guidance and recommendations to digital health authorities, and its conclusions on the implementation and enforcement of this Regulation.
Amendment 2070 #
Proposal for a regulation
Article 66 – paragraph 1
Article 66 – paragraph 1
1. The Commission shall establish two groups dealing with joint controllership for the cross-border infrastructures provided for in Articles 12 and 52. The groups shall be composed of the representatives of the national contact points and other authorised participants in those infrastructures.
Amendment 2102 #
Proposal for a regulation
Article 70 – paragraph 1
Article 70 – paragraph 1
1. After 5 years from the entry into force of this Regulation, the Commission shall carry out a targeted evaluation of this Regulation especially with regards to Chapters III and IV, and submit a report on its main findings to the European Parliament and to the Council, the European Economic and Social Committee and the Committee of the Regions, accompanied, where appropriate, by a proposal for its amendment. The evaluation shall include an assessment of the self- certification of EHR systems and reflect on the need to introduce a conformity assessment procedure performed by notified bodies. It shall also include an evaluation of the opt-out mechanism laid down in Article 33(5) and recommendations on how to strengthen it.