Stay ahead with the EMEA Thought Leadership insights: your source for industry-leading expertise and analysis
-
Americas
-
Asia & Oceania
-
A-I
J-Z
EMEA Thought Leadership
Developing IQVIA’s positions on key trends in the pharma and life sciences industries, with a focus on EMEA.
Learn more -
Middle East & Africa
EMEA Thought Leadership
Developing IQVIA’s positions on key trends in the pharma and life sciences industries, with a focus on EMEA.
Learn more
Regions
-
Americas
-
Asia & Oceania
-
Europe
-
Middle East & Africa
-
Americas
-
Asia & Oceania
-
Europe
Europe
- Adriatic
- Belgium
- Bulgaria
- Czech Republic
- Deutschland
- España
- France
- Greece
- Hungary
- Ireland
- Israel
- Italia
EMEA Thought Leadership
Developing IQVIA’s positions on key trends in the pharma and life sciences industries, with a focus on EMEA.
Learn more -
Middle East & Africa
EMEA Thought Leadership
Developing IQVIA’s positions on key trends in the pharma and life sciences industries, with a focus on EMEA.
Learn more
SOLUTIONS
-
Research & Development
-
Real World Evidence
-
Commercialization
-
Safety & Regulatory Compliance
-
Technologies
LIFE SCIENCE SEGMENTS
HEALTHCARE SEGMENTS
- Information Partner Services
- Financial Institutions
- Global Health
- Government
- Patient Associations
- Payers
- Providers
THERAPEUTIC AREAS
- Cardiovascular
- Cell and Gene Therapy
- Central Nervous System
- GI & Hepatology
- Infectious Diseases and Vaccines
- Oncology & Hematology
- Pediatrics
- Rare Diseases
- View All
Impacting People's Lives
"We strive to help improve outcomes and create a healthier, more sustainable world for people everywhere.
LEARN MORE
Harness the power to transform clinical development
Reimagine clinical development by intelligently connecting data, technology, and analytics to optimize your trials. The result? Faster decision making and reduced risk so you can deliver life-changing therapies faster.
Research & Development OverviewResearch & Development Quick Links
Real World Evidence. Real Confidence. Real Results.
Generate and disseminate evidence that answers crucial clinical, regulatory and commercial questions, enabling you to drive smarter decisions and meet your stakeholder needs with confidence.
REAL WORLD EVIDENCE OVERVIEWReal World Evidence Quick Links
See markets more clearly. Opportunities more often.
Elevate commercial models with precision and speed using AI-driven analytics and technology that illuminate hidden insights in data.
COMMERCIALIZATION OVERVIEWCommercialization Quick Links
Service driven. Tech-enabled. Integrated compliance.
Orchestrate your success across the complete compliance lifecycle with best-in-class services and solutions for safety, regulatory, quality and medical information.
COMPLIANCE OVERVIEWSafety & Regulatory Compliance Quick Links
Intelligence that transforms life sciences end-to-end.
When your destination is a healthier world, making intelligent connections between data, technology, and services is your roadmap.
TECHNOLOGIES OVERVIEWTechnology Quick Links
CLINICAL PRODUCTS
COMMERCIAL PRODUCTS
COMPLIANCE, SAFETY, REG PRODUCTS
BLOGS, WHITE PAPERS & CASE STUDIES
Explore our library of insights, thought leadership, and the latest topics & trends in healthcare.
DISCOVER INSIGHTSTHE IQVIA INSTITUTE
An in-depth exploration of the global healthcare ecosystem with timely research, insightful analysis, and scientific expertise.
SEE LATEST REPORTSFEATURED INNOVATIONS
-
IQVIA Connected Intelligence™
-
IQVIA Healthcare-grade AI™
-
IQVIA AI Assistant
-
Human Data Science Cloud
-
IQVIA Innovation Hub
-
Decentralized Trials
-
Patient Experience Solutions with Apple devices
WHO WE ARE
- Our Story
- Our Impact
- Commitment to Global Health
- Code of Conduct
- Sustainability
- Privacy
- Executive Team
NEWS & RESOURCES
Unlock your potential to drive healthcare forward
By making intelligent connections between your needs, our capabilities, and the healthcare ecosystem, we can help you be more agile, accelerate results, and improve patient outcomes.
LEARN MORE
IQVIA AI is Healthcare-grade AI
Building on a rich history of developing AI for healthcare, IQVIA AI connects the right data, technology, and expertise to address the unique needs of healthcare. It's what we call Healthcare-grade AI.
LEARN MORE
Meet the IQVIA AI Assistant
Your new expert analyst is here. Be at the forefront of data-driven decision-making with a new generative AI tool that enables you to interact with our products and solutions like never before. Get results you can trust, faster.
LEARN MORE
Your healthcare data deserves more than just a cloud.
The IQVIA Human Data Science Cloud is our unique capability designed to enable healthcare-grade analytics, tools, and data management solutions to deliver fit-for-purpose global data at scale.
LEARN MORE
Innovations make an impact when bold ideas meet powerful partnerships
The IQVIA Innovation Hub connects start-ups with the extensive IQVIA network of assets, resources, clients, and partners. Together, we can help lead the future of healthcare with the extensive IQVIA network of assets, resources, clients, and partners.
LEARN MORE
Proven, faster DCT solutions
IQVIA Decentralized Trials deliver purpose-built clinical services and technologies that engage the right patients wherever they are. Our hybrid and fully virtual solutions have been used more than any others.
LEARN MORE
IQVIA Patient Experience Solutions with Apple devices
Empowering patients to personalize their healthcare and connecting them to caregivers has the potential to change the care delivery paradigm.
LEARN MOREIQVIA Careers
Featured Careers
Stay Connected
WE'RE HIRING
"At IQVIA your potential has no limits. We thrive on bold ideas and fearless innovation. Join us in reimagining what’s possible.
VIEW ROLESBlog
European Health Data Space - Here’s how this will affect your organisation
We outline what the EHDS is and what it means for you
Mar 06, 2025
1. What is it?
The European Health Data Space (EHDS) is a hugely impactful piece of EU legislation, aiming to create a single digital health data infrastructure across the EU and beyond. It will affect almost all citizens and healthcare organisations within the EU.
Currently, there is significant fragmentation between each EU Member States’ rules and infrastructure for accessing electronic health data, which hinders, patients, healthcare professionals, researchers, innovators and governments from fully utilizing this data for the public benefit. The EHDS regulation is designed to overcome these barriers by creating a unified legal framework, and infrastructure, to enable open access to, and use of, almost all electronic health data.
The EHDS sets out two infrastructures: one for patients to share their health records, so they can receive care across providers and borders (primary use); and another to enable the re-use of health data for research, innovation, policy, regulation etc (secondary use).
This blog will focus on the latter re-use of health data for secondary use.
The regulation is part of the EU’s aim to create a single market for data and establish several common European Data Spaces in areas such as health, mobility, and agriculture. Health is the first of these European Data Spaces.
2. What data will be affected?
The health data affected by the EHDS is comprehensive and defined flexibly to accommodate the evolving nature of health data. As such, it includes ‘health data’ in the simple English sense of the word (i.e. data that relates to someone’s physical or mental health, such as electronic health records and genetic data), but also includes data that may influence health (such as sociodemographic data), or that is produced from healthcare services (such as wellness app data, data on homelessness, consumption of substances, clinical trials, registries, etc.).
3. Who will be affected?
The EHDS will affect every person or entity who interacts with health data. The impact depends on your role within the EHDS, as a ‘health data holder’, ‘health data user’ and/or ‘Health Data Access Body
- Health data holder: in essence, any person or organisation that controls the use of health data. The health data holder is responsible for registering information about its health data in a publicly available catalogue and making it available for reuse, either upon request or by uploading to public databases.
- Health data user: someone that applies to access and use health data for specific purposes. This includes research, innovation, education, training, policymaking, health service management, and official statistics.
- Health Data Access Bodies (HDAB): broker entities established by every Member State. They will adjudicate access requests to health data, process the data, host the data access, monitor compliance of stakeholders to the EHDS regulation and report on the performance of the EHDS network. A European equivalent will be established to accommodate data requests for the Union’s own data and as a fallback for hosting the data access of multi-country data requests.
4. How will it work?
The EHDS establishes a secure infrastructure for the reuse of electronic health data. This entails that all stakeholders holding electronic health data must comply with EHDS, aside from individuals and enterprises who employ fewer than 10 people and have an annual turnover lower than 2 million euros (although this exemption may be removed by individual Member States). Here’s how it will work for health data holders:
A. Data discovery:
Register your health data assets in a national dataset catalogue, providing metadata (information about the data) which will enable them to be found and reused. Ambitiously, holders of non-personal health data (i.e. data which doesn’t contain personal data or annonmysed data) should upload that data to ‘trusted open public databases’, the provenance of which is unclear.
B. Data access:
Upon reasonable request from a third party for the health data, which are made to the HDABs, the HDABs have 3 months to process it and instruct you, as a health data holder, to hand over the data. After which you have 3 months to do so.
- What is a ‘reasonable request’?
Reasonable requests (Article 53) include data for a broad range of uses: scientific research in health and health technology (including medicinal products); for the purposes of public interest, including public policymaking, regulation and statistics; and education. It shall not be used for harmful purposes, or for advertising. In line with the GDPR regulation, a request should only apply for the minimum data relevant to answer the research question.
- Can you refuse a request?
No, but there are complaint procedures to the HDABs should you feel it an unlawful request.
Also, if the data is protected by intellectual property rights, trade secrets or data protection then the health data holders can suggest to the HDAB the legal, organisational and technical measures to share such data in a manner that maintains those protections or to refuse access if they cannot. However, determination of which safeguards to apply is in the unknown hands of local HDABs, who are expected to follow forthcoming guidelines set at the European level. Fees can be charged by the HDABs for their services and by the health data holders for compiling and preparing electronic health data to be made available. These fees must be proportionate to the cost of carrying out these tasks.
C. Data preparation
HDABs will provide this data in a secure processing environment within two months after receiving it, once they have completed their unenviable task of preparing, processing, combining and (pseudo) anonymising it. The exact features of the environment need to be clarified but include the option to use third party software such as statistical programmes, and the ability to introduce external data.
Citizens have the reversable right to opt-out from their data being reused. If a citizen opts-out, that data may not be shared from that point in time with health data users even in anonymous form (subject to some very specific exemptions) and so the HDAB/health data holder needs to remove such citizens from the dataset. Member States can also enforce additional safeguards and opt-out or opt-in requirements for specific data types, such as genomic data, wellness app data, and biobanks/databases. There are open questions on how this could work from a practical perspective.
D. Use of Data
The health data user analyses the data within this environment based on the purpose defined in the application phase and cannot download any personal identifiable data.
E. Finalisation
In the last phase, the health data user must publish the results within 18 months (the level of detail here being unclear). The results should be provided in an anonymous format and the health data user must inform the HDAB of the results and must mention in the output that the results have been obtained by using data in the framework of the EHDS.
The above steps are depicted in figure 1.
Figure 1. Schematic of EHDS data reuse infrastructure
A: Data Discovery; B: Data Access; C: Data Preparation; D: Use of Data
5. How will the EHDS affect my organisation?
If the EHDS is implemented successfully, there are clear benefits,including:
- Improved data access: For most data sets, access will be enabled and at low cost. For data sets that are readily accessible or licensable though, the existing channels will remain the fastest route.
- Research and innovation: Greater knowledge of, and access to, health data sets across the EU will enable new and better research and innovation.
- Economic: Greater use of health data within the EU, and the resulting research and innovation, will enable more competition and generate jobs and investment.
However, there are also notable challenges for organisations:
- Compliance Burden: Significant time and resources will be needed by data holders to understand their obligations; assess how obligations are shared between them and their partners; and to establish internal processes to facilitate data access requests.
- Intellectual Property Risks: There are significant risks to data holders’ control over the IP in their data, as they hand over the decision making about IP protections to local HDABs and as competitors are granted access to each other’s data.
6. What does my organisation need to do to prepare?
If your organisation holds health data, you need to examine the impact of the EHDS at the legal, financial, and organizational level:
- Data mapping: Identify and assess what data will be in scope from your own systems.
- Role mapping: determine and document:
- your role, in respect of that data: whether you are a data holder, data user or both; and
- the role of third parties in respect of that data e.g. customers, suppliers, vendors.
- Data cataloguing: To prepare to comply with the requirement to upload metadata of your data assets to your national data catalogue, consider generating in-depth descriptions of datasets including source, scope, main characteristics and the conditions for using the data. These will enable you to standardise the final metadata standards which the European Commission will set out.
Consider your compliance with the European Commission standards regarding ‘data quality and utility labels’. This is mandatory for datasets which have been collected and processed with public funds and requires additional information about the datasets.
- Protecting intellectual property: Identify which protections apply to your organisation’s health data and prepare to advocate for an HDAB protecting these through applying rigorous protections or rejecting an application. Consider specifying the protections you want to put on each data asset as part of your data mapping exercise. For many life-sciences clients IP is of utmost importance and the review will require IP specialists.
- Stay abreast of the EHDS’s implementation: monitor what comes as guidance, standards and legislation from the European Commission. Find and connect with your local HDAB once they are designated.
Under the EHDS, your organisation does not need to digitalize and provide access to non-digital health data. Nor does it need to standardise data, other than electronic health records, or enable the processing of opt-outs. Some of this may change with implementing legislation.
7. When will it come into effect?
Implementation of the EHDS will be staggered, with secondary usage (which has been the focus of this blog) taking effect 4 years after the EHDS enters into force, in respect of most health data (i.e. spring 2029). There will be a further delayed application for genetic data and clinical trial data of an additional 2 years (i.e. spring 2031).
8. What is still unknown?
- How will data be standardised? Health data across the EU is formatted differently between different organisations and health systems and is of varying data quality. This makes it unpracticable to process and reuse data. To fully realise the potential of EHDS, data standardization and or harmonization is therefore required, but it is unclear how the EU or Member States will make the data interoperable across the Union’s health data landscape.
- How will HDABs have the capability and resources to process data and perform their numerous administrative tasks? HDABs are tasked with processing the data, but it isn’t clear whether data holders will also have a role – given the difficulties of processing unfamiliar, unstandardised datasets at scale. It is also not clear whether data access requests could ask for minimally processed data and do the processing themselves to reduce their fees e.g. combining the data themselves rather than paying the HDAB to do it. Even for those tasks and responsibilities of HDABs that are better understood, its unclear how HDABs will achieve the ambitions of the legislation, considering the potentially enormous operational and administrative burdens those tasks will create.
- Who are data holders? Which person or organisation would be classified as a data holder is unclear, as is whether there can be multiple health data holders for the same data. For example, where organisation A is licensing health data from organisation B, which organisation(s) will be the health data holder(s)?
- How will organisations achieve compliance? It is unclear how compliance will be enabled and ensured by data holders or HDABs who cannot practically fulfil their obligations e.g. those who lack the staff to deal with data access requests.
- What will the standards and guidance be? The standards and guidance which provide the details on how EHDS will work, and exactly what organisations need to do, are being developed over the coming years.
- How will opt-ins and opt-outs affect the EHDS? It isn’t clear how the Member States will implement their opt-in and opt-out provisions, and how these will function. For example, how will an HDAB remove individuals from partially anonymized data. It is also unclear how trust in the EHDS amongst citizens will affect the use of these opt-ins and opt-outs, and the resulting representativeness of the data.
- What are trusted open public databases? What the “trusted open public databases” are, and how all non-personal health data across the EU will be uploaded to them, is a significant uncertainty.