Machine Learning and Data Analytics Lab, Department of Artificial Intelligence in Biomedical Engineering, Friedrich-Alexander-Universität Erlangen-Nürnberg, Erlangen, Germany.
Harvard Business School and Harvard-MIT Center for Regulatory Science, Boston, MA, USA.
Lancet Digit Health. 2023 Nov;5(11):e840-e847. doi: 10.1016/S2589-7500(23)00156-5. Epub 2023 Sep 21.
The European Commission's draft for the European Health Data Space (EHDS) aims to empower citizens to access their personal health data and share it with physicians and other health-care providers. It further defines procedures for the secondary use of electronic health data for research and development. Although this planned legislation is undoubtedly a step in the right direction, implementation approaches could potentially result in centralised data silos that pose data privacy and security risks for individuals. To address this concern, we propose federated personal health data spaces, a novel architecture for storing, managing, and sharing personal electronic health records that puts citizens at the centre, both conceptually and technologically. The proposed architecture puts citizens in control by storing personal health data on a combination of personal devices rather than in centralised data silos. We describe how this federated architecture fits within the EHDS and can enable the same features as centralised systems while protecting the privacy of citizens. We further argue that increased privacy and control do not contradict the use of electronic health data for research and development. Instead, data sovereignty and transparency encourage active participation in studies and data sharing. This combination of privacy-by-design and transparent, privacy-preserving data sharing can enable health-care leaders to break the privacy-exploitation barrier, which currently limits the secondary use of health data in many cases.