Skip to content
EHDS Jurist — Mr. Dr. Antoinette Vlieger
NL/EN
Back to the regulation
Recital 72

Recital 72

Given the sensitivity of electronic health data, it is necessary to reduce risks for the privacy of natural persons by applying the data minimisation principle. Therefore, non-personal electronic health data should be made available in all cases where the provision of such data is sufficient. If the health data user needs to use personal electronic health data, it should clearly indicate in its request the justification for the use of that type of data and the health data access body should assess whether that justification is valid. The personal electronic health data should only be made available in pseudonymised format. Taking into account the specific purposes of the processing, personal electronic health data should be pseudonymised or anonymised as early as possible in the process of making data available for secondary use. It should be possible for pseudonymisation and anonymisation to be carried out by health data access bodies or by health data holders. As controllers, health data access bodies and health data holders should be allowed to delegate those tasks to processors. When providing access to a pseudonymised or anonymised dataset, a health data access body should use state-of-the-art pseudonymisation or anonymisation technology and standards, ensuring to the maximum extent possible that natural persons cannot be re-identified by health data users. Such technology and standards for data pseudonymisation or anonymisation should be further developed. Health data users should not attempt to re-identify natural persons from the dataset provided under this Regulation, and where they do so they should be subject to administrative fines and enforcement measures laid down in this Regulation or possible criminal penalties, where national law so provides. Moreover, a health data applicant should be able to request a response to a health data request in an anonymised statistical format. In such cases, the health data user will only process non-personal data, and the health data access body will remain sole controller for any personal data necessary to provide the response to the health data request.