Findata has led the authoring of a European guideline developed as part of the TEHDAS2 joint action. The guideline helps health data access bodies (HDABs) process data access applications and requests for the secondary use of health data consistently across the EU, and supports the practical implementation of the European Health Data Space (EHDS) Regulation.
The guideline provides HDABs with concrete steps for handling applications throughout the full process: from receipt and pre-screening through to decision-making and follow-up.
It covers both requests for anonymised statistical data and applications for access to individual-level data.
A clear distinction between pre-screening and substantive assessment
At the heart of the guideline is a clear separation of the application process into distinct phases. Pre-screening establishes whether an application is formally complete and ready for processing. The application then moves to substantive assessment, where the authority determines whether the legal criteria for granting access are met.
This distinction makes the process more transparent for both authorities and applicants: applicants know where their application stands, and authorities can handle cases consistently within the time frames set by the Regulation.
“We wanted to create a practical tool that health data access bodies can use in their day-to-day decision-making under the EHDS,” says Rosa Juuti, Senior Specialist at Findata and lead author of the guideline.
“A consistent process matters for authorities, but it also matters for applicants: researchers and organisations should be able to trust that they will receive fair and equal treatment, regardless of which country they are applying to for data.”
Guidance for different types of applications
In practice, health data access bodies encounter a wide variety of applications. The guideline provides operational guidance for situations including research projects that require data from multiple EU countries via the HealthData@EU platform, as well as projects combining EHDS data with other datasets.
It also sets out how authorities should handle the protection of personal data, trade secrets and intellectual property rights in accordance with the EHDS Regulation and the GDPR.
The guideline is based on expertise from TEHDAS2 partners and feedback received through a public consultation. It is non-binding, but is intended as practical support particularly in the early stages of EHDS implementation, when common established practices are still taking shape.
The guideline also includes application form and decision templates, intended to feed into the work of the regulatory committee preparing the EHDS implementing act on standard documents for applications and decisions.