Skip to main content
Home

Requirements for operating in the EHDS

Completion requirements

The European Health Data Space (EHDS) establishes a regulatory and technical framework for the secure and ethical use of health data across Europe. Cancer Image Europe is designed to comply with EHDS requirements, ensuring the protection of personal and health data.

 

The European Health Data Space (EHDS) and Cancer Image Europe

European Health Data Space img

 

1. Introduction to the European Health Data Space

The European Health Data Space (EHDS) is a legislative initiative aimed at creating a unified framework for the management and sharing of electronic health data across EU member states. Announced in the European data strategy of February 2020, the EHDS seeks to enable the secure and lawful reuse of health data while ensuring compliance with the General Data Protection Regulation (GDPR) and other relevant legislative frameworks.

The main objectives of the EHDS are:

  • Enhancing individuals' control over their electronic health data.
  • Establishing a legal framework with trusted governance mechanisms and a secure processing environment.
  • Contributing to a single market for digital health products and services.

2. EHDS-R: The Framework for Secondary Use of Health Data

The EHDS-R (European Health Data Space Regulation) is a key component of the EHDS, designed to enable the secure secondary use of electronic health data across borders through the HealthData@EU infrastructure. This regulatory framework ensures that health data can be used for research, policy-making, public health, and regulatory decisions while maintaining strict security and governance protocols.

Key Provisions of EHDS-R:

  • HealthData@EU Participation: The regulation allows health-related research infrastructures or similar structures, operating under Union law, to become authorized participants in HealthData@EU.
  • Article 52(4): Defines the process for authorizing participants and connecting them to the European infrastructure, including research institutions, health-related organizations, and international bodies.
  • Recital 55b: Identifies the role of European Research Infrastructure Consortia (ERICs), European Digital Infrastructure Consortia (EDICs), and other Union-based structures in ensuring cross-border data interoperability and usage.

2.1 Requirements and Secure Processing Environment

A fundamental aspect of the EHDS-R is the establishment of a secure processing environment that guarantees the protection of electronic health data. The regulation mandates that health data access bodies ensure that access is provided exclusively within such controlled environments, preventing unauthorized extraction or manipulation of data. In line with Article 50, stringent technical and organizational measures must be implemented, including access restrictions, data integrity checks, and continuous security monitoring. Furthermore, ongoing data curation is required to maintain data accuracy, completeness, and relevance, a responsibility assigned to data holders. These requirements, including the conditions for obtaining a data quality and utility label, are still in the process of being defined at the European level and will evolve through dedicated regulatory acts and technical specifications.

2.2 Cancer Image Europe's Role within EHDS-R

Cancer Image Europe is expected to play a significant role within EHDS-R by adopting specific operational models to ensure compliance and alignment to the EHDS. These include acting as a secure data repository (ATLAS) for institutions needing hosting and processing, serving as an authorized participant in HealthData@EU with a comprehensive dataset catalog, offering specialized services in medical image analysis and health data processing, and facilitating cross-sectoral integration with other European Data Spaces such as environment, agriculture, and social sciences.

2.3 Data Accessibility and Quality Standards

The EHDS-R emphasizes the importance of making health data findable and reusable, ensuring high-quality, structured datasets for scientific, regulatory, and societal benefits. Dataset Definition (Article 2) establishes clear parameters for defining and cataloging health datasets. Meanwhile, the Dataset Quality and Utility Label (Article 56) implements a standardized labeling system to assess aspects such as data documentation (metadata, standards, provenance, data model), technical quality (completeness, accuracy, timeliness, consistency), coverage and representativeness of datasets, and accessibility and processing conditions.

By aligning with these regulatory requirements, Cancer Image Europe ensures its compliance with EHDS-R, supporting secure data-sharing frameworks while upholding high standards for data protection and governance.

3. Cancer Image Europe and EHDS

Cancer Image Europe aligns with the broader European Strategy for Data, including the Digital Decade Policy Programme 2030 and the EHDS. Ensuring the fundamental rights of patients and data protection compliance are core principles in the design of the Cancer Image Europe Data Repository.

Key Compliance Measures:

  • GDPR Compliance: Personal data processing will adhere to GDPR principles, including data minimization and anonymization.
  • Secure Processing Environment (SPE): In line with Article 50 of the EHDS proposal, ensuring robust security and interoperability measures.
  • Pseudonymization and Ethical Considerations: Allowing pseudonymized health data usage when justified, while incorporating AI ethics principles defined by the European Commission's High-Level Expert Group.
  • Interoperability and Standardization: Cancer Image Europe will align with the European Interoperability Framework, leveraging HealthDCAT-AP standards for metadata structuring in cancer imaging and related domains.

4. Useful Guidelines

To further enhance compliance and implementation, the following reference documents and guidelines are essential:

  • TEHDAS Project (2022): Primary recommendations to foster GDPR-compliant data altruism mechanisms for EHDS.
    Available at: TEHDAS Report
  • Regulatory Frameworks: Including GDPR, the Data Act, AI Act, and Data Governance Act (DGA), which shape the legal infrastructure for EHDS implementation.
  • Security and Compliance Measures: Article 50 of the EHDS proposal outlines security provisions to restrict access, ensure logging, and conduct regular audits for compliance monitoring.

By adhering to these guidelines and legislative frameworks, Cancer Image Europe aims to serve as a pivotal structure within the EHDS, facilitating the secure and lawful exchange of electronic health data across Europe.

◄ Ethics, Privacy and Patient Rights Commitments of Cancer Image Europe
User Roles, Onboarding Procedures & Access Governance in Cancer Image Europe ►

Cancer Image Europe is a research infrastructure established by the EUCAIM project, a flagship action of the European Cancer Imaging Initiative.

This project is co-funded by the European Union under Grant Agreement 101100633. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them.

© 2025, European Federation for Cancer Images (EUCAIM) Project Consortium. All Rights Reserved.