Sprache ändern: English

Pirates call for a halt to plans for the EU health data space

European Parliament Freedom, democracy and transparency Press releases

The European Parliament is to give its final nod to the regulation on the creation of a “European Health Data Space” (EHDS) today. According to this regulation, information on all medical treatment, including vaccination status, medication and pregnancies, laboratory and discharge reports, is to be stored digitally for all patients. This information will be remotely accessible to a large number of organisations throughout Europe in an identifiable (only pseudonomised) way. As shadow rapporteur and co-negotiator of the regulation for the Committee on Home Affairs (LIBE), Pirate Party MEP Patrick Breyer, warns of a loss of control by patients over sensitive health data and a loss of medical confidentiality and will vote against.

“We Pirates support the idea of an EU health data space, but not at the price of sacrificing patient control and medical confidentiality in favour of government, big pharma and big tech data access. The EU’s health data space can benefit cross-border treatments and medical progress – but these advantages could have been had by relying on patient consent and full anonymisation, which the final agreement fails to ensure. The agreed design of the regulation is against the clear will of the people. We Pirates stand up for patient rights and reject this sell-out of their health data. Information about our physical and mental health is extremely sensitive and reveals our addictions, mental disorders, abortions, sexually transmitted diseases and reproductive disorders. If we cannot rely on such information being treated confidentially by our doctors, we may no longer seek treatment, and the risk of suicide by some patients may increase.

The EU is allowing the most sensitive patient files to be collected, interconnected and disclosed without ensuring that patients are in control of their data. ‘Anything goes, no obligations’ is not an approach that patients can trust. Without trust, a European Health Data Space cannot work. According to surveys, more than 80% of EU citizens want to decide for themselves about the sharing of their patient records. The majority of them want to be asked for consent. The EU deal is far from achieving this. It betrays the interests and will of patients in order to sell their data to Big Tech and pharmaceutical giants. We Pirates strongly reject the disenfranchisement of patients that this design of the European Health Data Space entails. 

Patients will have no right to refuse EU-wide cross-border access to their health records by foreign practitioners, researchers, and governments. The right to object specifically to cross-border data access is not provided for in the regulation in a legally secure manner. This is contrary to the interests and will of patients, only a minority of whom, according to opinion polls, want cross-border access to their patient records across Europe. Moreover, it does not come close to doing justice to the sensitivity of health data, which ranges from addictions, mental disorders, and abortions to sexually transmitted diseases and reproductive disorders.

The regulation is designed to maximise the exploitation of our personal health data, not to serve the interests of patients. Contrary to the European Parliament’s original position, for example, sensitive health data does not have to be stored in Europe, which could result in storage in US cloud services, for example. The EU Parliament has also abandoned its call for independent certification of the security of European health data systems.

In future, doctors treating patients throughout Europe will be able to view their entire patient file without their consent – unless they explicitly object. Technology companies and the pharmaceutical industry will also have access to both anonymised and personally identifiable (only pseudonymised) patient files throughout Europe without the patient’s consent inter alia for product development, innovation and training artificial intelligence – unless the patient expressly objects. We know that only a fraction of the patients who oppose third-party external access to their health data will actually go through a complicated objection procedure. Even for our DNA and information recorded by personal wellness apps, the European Parliament has given up requiring consent as a precondition of third-party access. In addition, all patient rights to object can be circumvented by Member States retaining the right to operate national health record schemes under their own rules, without any guaranteed patient rights and without any limitation in time.

Even under the EHDS scheme itself, health ministries, health institutions and universities will have access to personal health data without a guaranteed right of the patient to opt out, even though polls show that most patients oppose government access to their health records. The accessible records will include psychological and addiction therapies, abortions, sexual, and reproductive disorders. To us Pirates, patient control over their data and the protection of medical confidentiality is not negotiable, so that this design of the European Health Data Space is unacceptable.“

The European Consumer Organisation BEUC and the data protection network EDRi have criticised the agreement, too.