How the EU Commission nationalizes health data

The healthcare sector needs digitization; that is undisputed. The focus of the public debate so far has been on efficiency gains and cost savings, as well as data-driven improvements in care. The potential is enormous, because digitization creates resilience and strengthens Europe’s economic sovereignty, and – most importantly – it can cushion the industry’s biggest problem: staff shortages. Digital innovations offer the only chance to defuse this problem, which has not yet reached the public’s awareness clearly enough. Speed in digitization is therefore no longer a desirable goal but a bitter necessity.
The focus will have to shift to innovations that increase efficiency and thus save resources. In particular, the automation of documentation can free up personnel to a considerable extent. So it is specifically about data-driven innovation. However, access to health data by academic players and the resulting scientific publications will hardly help. Only speed and short development cycles can help – and these can only be achieved through competition and industrial solutions.
Legal certainty and clear guidelines for the use of data are essential prerequisites for innovation. At the moment, however, we are seeing exactly the opposite, with the EU Commission presenting new regulations at an unprecedented pace: the Data Governance Act, the Data Act, the AI Regulation, and the European Health Data Space Regulation (“EHDS-VO-E”). Many of these regulations are being discussed in parallel at the European and national levels. As a result, most companies in the industry find it difficult to picture in concrete terms what these regulations might mean in practice for their own business.
The following aspects of the draft are particularly critical:
1. Citizens are literally disenfranchised, and the right to informational self-determination is lost. The scope of the consent-free secondary use of data is tantamount to a complete loss of control by those affected.
2. If this data is nationalized, a kind of data socialism is created. This is because the regulation creates an obligation for companies to provide all health data to so-called “access points.” The obligation to disclose all data collected in primary use destroys the motivation to gain an edge, for example in publishing research results, through the cost-intensive collection of particularly good and structured data – this inevitably weakens Europe as a business location.
3. The greatest danger is that the dystopia of the “transparent citizen” will come true. Despite the ban, re-identification cannot be ruled out and the privacy of those affected is at risk, because data leaks basically provide everyone with the necessary profiles for re-identification – and large platform companies have access to quite a bit of personal data anyway. Initially anonymized and basically pseudonymized individual data records can often be reassigned to the original persons by linking them with other data records. The broad provision of anonymized and pseudonymized individual data records envisaged by the draft regulation is therefore problematic.

The problem of anonymized data sets
Anonymization of health data describes the process by which the personal parts of a data record, which are usually sensitive and worthy of protection, are removed or changed. This ensures that they can no longer be assigned to the specific person, or only with disproportionate effort. This forms the basis of the secondary use of health data and pursues the goal of protecting the privacy of patients and preventing misuse. Anonymization can be reversed by selectively linking different data sets – so-called re-identification. The problem is not limited to the healthcare industry. A specific case arose in 2007, for example, when Netflix published ten million movie rankings. Although these were anonymized and identifying data was replaced by random numbers, researchers managed to de-anonymize parts of the dataset by matching them with rankings and their timestamps from other movie websites – personal data was revealed.
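The linkage risk described above can be measured before a data set is released. The following is an added example, not part of the original article: it computes k-anonymity over quasi-identifiers and shows the effect of generalization and suppression. The records, column choice and threshold are constructed assumptions.

```python
from collections import Counter

# Constructed sample: pseudonymized records (no names), all values invented.
# Columns: pseudonym, birth year, postal code, sex, diagnosis.
RECORDS = [
    ("p01", 1961, "80331", "F", "diabetes"),
    ("p02", 1961, "80333", "F", "asthma"),
    ("p03", 1964, "80335", "F", "hypertension"),
    ("p04", 1987, "81541", "M", "asthma"),
    ("p05", 1983, "81543", "M", "depression"),
    ("p06", 1985, "81549", "M", "diabetes"),
    ("p07", 1938, "85521", "F", "rare disease X"),
]

def exact(rec):
    """Quasi-identifiers as collected: birth year, full postal code, sex."""
    return (rec[1], rec[2], rec[3])

def generalized(rec):
    """Coarsened quasi-identifiers: decade of birth, 2-digit postal prefix, sex."""
    return (rec[1] // 10 * 10, rec[2][:2], rec[3])

def k_anonymity(records, key):
    """Smallest group sharing one quasi-identifier value; k=1 means someone is unique."""
    return min(Counter(key(r) for r in records).values())

def at_risk(records, key, k_min):
    """Pseudonyms whose quasi-identifier group is smaller than k_min."""
    sizes = Counter(key(r) for r in records)
    return [r[0] for r in records if sizes[key(r)] < k_min]

def suppress(records, key, k_min):
    """Drop records that stay below k_min even after generalization."""
    risky = set(at_risk(records, key, k_min))
    return [r for r in records if r[0] not in risky]

if __name__ == "__main__":
    K_MIN = 3  # assumed release threshold
    print("exact k:", k_anonymity(RECORDS, exact))              # every record unique
    print("generalized k:", k_anonymity(RECORDS, generalized))  # one outlier remains
    print("still at risk:", at_risk(RECORDS, generalized, K_MIN))
    safe = suppress(RECORDS, generalized, K_MIN)
    print("after suppression k:", k_anonymity(safe, generalized), "records:", len(safe))
```

A high k only bounds linkage on the columns declared as quasi-identifiers; in the Netflix case above, the rankings and timestamps themselves served as the link.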
Preventing the creation of user profiles is difficult given the complexity of the systems and algorithms used. In addition, it is difficult to prove illegal use of data or violations of competition law. Legal measures introduced subsequently have been ineffective to date because the massive networking of different areas of life has created dependencies that make subsequent unbundling impracticable.

(editorially abridged)

Author: Vilsmeier S (CEO of Brainlab AG)
Source: FAZ, 28.02.2023, “Digitalisierung Europas: Wie die EU-Kommission Gesundheitsdaten verstaatlicht” (German original)
