Author: First name – Last name * Date: XX/XX/XXXX * Version: X (not final)
The use of personal data for health-related research and demonstrating compliance with the GDPR
www.efpia.eu
ISC, 27th April 2017
2www.efpia.eu
RAND Study on Value of Health Data
Types of value: core messages
The benefits of health data fall into 3 core categories
For R&D and innovation
For pharmacovigilance and
public health
For health care delivery and
health systems more widely
Source : RAND Europe
Creating supportive health data ecosystems: key findings
1. Collaboration
and coordination
(independencies in
value capture)
2. Public
acceptability
5. Workforce
capacity
4. Data quality and
interoperability
3. Data protection
regulation
Source: RAND Europe
Key Benefits of Health Data
Health service planning, demand management, commissioning,Pharmacovigilance, HTA, reimbursement
R&D efficiencies, improved responseTo patient need, rational reimbursement,New industries - analytics
New types of analysisStronger evidence baseFor funding
Improved decision-makingPatient self-managementCPD
More Personalised careEmpowerment to engage in decision-making
6
Who should be responsible for shaping datagovernance arrangements?
How do we align approaches to consent andreuse?
If there are choices/trade-offs to be made toensure public acceptability of uses of data, whichconsiderations are most important to patients?
BBMRI code of conduct:
• GDPR implementation is complex
• GDPR is not alone in the EU’s plans for digital
• Code approach is a good basis for collective engagement and external accountability endorsed by the Commission
7
Here’s the question
• Recitals 33,34,53,159,161
• Articles1,4,5,6,9,13,14,15,16,17,18,19,20,21,22,32,34,89
8
…and the answer
• Recitals 33,34,53,159,161
• Articles1,4,5,6,9,13,14,15,16,17,18,19,20,21,22,32,34,89
• Recitals and articles in the GDPR which provide some latitude to Member States to shape the GDPR in relation to research
9
10www.efpia.eu
type status relevance
GDPR Legislation In effect 5/18
Research provisionsVBOCInternational data transfers
***
******
E-privacy Legislation Adopted1/17
Transmission of information
*
IMI Do-it Stakeholdersolution
Minimum consent standards
***
EMA disclosure policy
Policy Technical standards **
standards development
Stakeholder solutions
Various initiatives
Anonymisation, consent, pseudonymisation
***
Personal Data
11www.efpia.eu
type status relevance
Building a European digital economy
consultation Concludes Q2 2017 – normally followed by legislative proposals
Free movementOwnershipAccessLiabilityData portablity
**********
Non-personal data
12www.efpia.eu
Type Status relevance
SANTE-CONNECT JTF Expert group Launched 2/17
M-health code Code of conduct Under review Code for apps developers
*
E-Health network
European Reference networks
Investment –being launched
Exchange of data on rare disease
**
Member state health data initiatives
Normally to advance public health
*
Council of Europe Political/policyguidance
On-going Research ethics and data protection
**
OECD health data governance
Political/policyguidance
Policy frameworkadopted 1/17
Comprehensive framework forgovernance
***
Health Data
Reasons for exploring a cross-sectoral code
• The GDPR provides for the use of codes in implementing the GDPR
• Health Data is a multiple source/multiple user environment
• The Commission has indicated the importance of the “representativeness” of codes
• External accountability
13
www.efpia.eu
EFPIA Brussels OfficeLeopold Plaza Building * Rue du Trône 108
B-1050 Brussels * BelgiumTel: + 32 (0)2 626 25 55
www.efpia.eu * [email protected]