Recital 46

Compliance with essential requirements on interoperability and security should be demonstrated by the manufacturers of EHR systems through the implementation of common specifications. To that end, implementing powers should be conferred on the Commission to determine such common specifications regarding datasets, coding systems, technical specifications, standards, specifications and profiles for data exchange, as well as requirements and principles related to patient safety and the security, confidentiality, integrity and protection of personal data, and specifications and requirements related to identification management and the use of electronic identification. Digital health authorities should contribute to the development of such common specifications. Where applicable, those common specifications should be based on existing harmonised standards for the harmonised software components of EHR systems and be compatible with sectoral law. Where common specifications have a particular importance in relation to personal data protection requirements concerning EHR systems, they should be subject to consultation with the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) before their adoption, pursuant to Article 42(2) of Regulation (EU) 2018/1725.