Data protection, access and authorization tools

Role this area should play in the mHealth space

Health data is considered as sensitive data. Using mobile applications (and mobile health services) to handle/store/exchange health data demands these applications/systems to implement means to ensure data protection and access to the data. Especially the latter requires that the users (patient, citizens, health professionals) can be identified using the (mobile) systems and that they provide a mechanism for authentication (the system/the app/and the user).

Current challenges and limitations
  • Clarification, methods and definition of potential secondary use of medical data
  • Single, safe and publicly accepted (cross-border) data accessing methods
  • Interoperable and thereby fully exchangeable cross-border health data transfer
    • g. still no European cross-border CoViD-19 contact tracing application
  • Strong data-sharing mechanisms across the EU

 

What benefit could this bring to adopters of this innovation?

Adoption of this innovation will:

–          Boost data sharing across sectors and the Member States.

–          Increase trust in data sharing, strengthen mechanisms to increase data availability and overcome technical obstacles to the reuse of data.

–          Enable the use of pseudonymizing data for research or disease monitoring purposes across the Member States

–          Support the set-up and development of common European data spaces in strategic domains, involving both private and public players: health, environment, energy, agriculture, mobility, finance, manufacturing, public administration and skills.

–          Allow entrusted cross-border medical data transfer (corresponding the demands of free movement of citizens)

–          Enlarge data pool for trusted scientific institutions, to boost research and development

 

How does it contribute to major EU policy priorities? (e.g. EHDS, COVID-19, DTHC etc.)

The ongoing actions and initiatives, concord basically with the main policy priorities, listed in the EHDS and DTHC. The European Health Data Space, as well as the Digital Transformation of Health & Care, for example, aim for a high level of data quality and strong infrastructure and interoperability.

 

Examples

European Data Governance

European Data Governance

Approach or solution Proposal for a Regulation on European data governance (Data Governance Act)   Organisation or initiative European Commission, Member States   URL or reference https://ec.europa.eu/digital-single-market/en/european-data-governance   Summary of the innovation “The proposal is the first of a set of measures announced in the... ...

EU Login

EU Login

Approach or solution “The EU Login app is developed by EC DIGIT.D.3 to facilitate your day-to-day authentication. Once you have registered your device with your EU Login account, authentication can be done with just your PIN code when accessing EU Login protected applications using the... ...

Pseudonymisation, re-identification and statistical disclosure control

Pseudonymisation, re-identification and statistical disclosure control

Approach or solution When sharing data e.g. for research or disease monitoring purposes, pseudonyms are frequently used to enable matching of data from different sources to the same person. This data often includes information about age, gender, nationality. Statistical Disclosure Control enables to manage the... ...

European Health Data Space

European Health Data Space

Approach or solution Data space, holding different types of health data, for primary and secondary use. This data space complies with the GDPR. Technical and semantic interoperability are in focus to enable various IT tools to use the data.   Organisation or initiative European Commission... ...

What is on the horizon?

In the innovation area of data protection, access and authorization tools, we see a lot of past and present initiatives with the participation of many relevant institutions in the EU and worldwide.

 

The transition from well-defined and particular areas, where health data was mainly handled within a single organisation, towards an environment where health data is shared between multiple entities, increases the potential risk for data fraud. Moreover, facilitated by mobile applications, the patient/citizen will become a bigger part in providing, sharing and accessing digital data. Technologies to ensure data protection means to authorize the users and manage the access to data, must find their way to the mobile end-user devices. Besides, also the patients/citizens must be trained to follow best-practices when it comes to sharing of their health data (digital literacy).

 

 

Keywords
European Health Space, EU Login, secondary-use, 2-factor authentication