Members of the European Parliament today voted in plenary by a large majority in favour of the creation of a “European Health Data Space”, which would bring together information on all medical treatment received by citizens in a remotely accessible and interconnected electronic health records system. Thanks to an amendment tabled by the European Pirates delegation and Patrick Breyer (German Pirate Party), together with MEPs from S&D, Greens and the Left, a parliamentary majority voted at the last minute to allow Member States to give their citizens a right to object to the collection of their health records in a remotely accessible and interconnected system. Such right to opt-out exists in Germany and Austria already.
The final wording of the law will need to be negotiated with the EU governments, whose mandate does not so far allow for a right to object to the collection of health data. Other amendments initiated by Breyer, according to which patients should be asked before their patient data is made available to doctors or researchers, were not supported by a majority.
”A compulsory electronic patient file with Europe-wide access entails irresponsible risks of theft, hacking or loss of the most personal treatment data and threatens to deprive patients of any control over the collection of their illnesses and disorders,” emphasises Breyer, co-lead negotiator for the Greens/European Free Alliance group in the EU Parliament’s Civil Liberties Committee. “This is nothing other than the end of medical confidentiality. Have we learnt nothing from the international hacker attacks on hospitals and other health data?
“If every mental illness, addiction therapy, every potency weakness and all abortions are forcibly networked, worried patients risk being deterred from urgent medical treatment – this can make people ill and put a strain on their families! In the trilogue negotiations, I will fight to ensure that national opt-out schemes are clearly allowed for in the legislation.”
In the final vote, Breyer opposed the bill. There was no majority for amendments to the rule that patients will need to actively object to disclosing their health data to healthcare providers and researchers (opt-out). Citizens will not be asked for consent or asked verbally whether they wish to opt out.
Breyer explains: “For many patients who have little time or limited language skills, or who are older, it is too complicated to have to object in writing to a specific authority or to use digital tools to object. International standards such as the International Code of Medical Ethics of the World Medical Association or the Helsinki Declaration on the Ethical Principles of Medical Research have so far required that the patient’s consent be obtained before medical information is disclosed. An opinion poll we commissioned confirms that citizens expect to be asked for their consent before their health data is shared. Every website asks us for permission before setting a cookie, but we are not to be asked before our health data is shared? This system takes away patients’ control over their data and is unacceptable.”
According to a survey by the European Consumer Organisations (BEUC), 44% of citizens are concerned about the theft of their health data, and 40% fear unauthorised data access.
The first round of trilogue negotiations between the EU Council, EU Parliament and EU Commission is due to take place tomorrow. The Parliament‘s rapporteur wants to finalise the negotiations by 2024.