	EHDS Reference

EHDS-Index Training

Home \| Ringholm bv \| Learn * Share * Connect \| info@ringholm.com

Article 11

Access by health professionals to personal electronic health data

In short: Health professionals they shall have access to the relevant and necessary personal electronic health data of natural persons under their treatment.

Where health professionals process data in an electronic format, they shall have access to the relevant and necessary personal electronic health data of natural persons under their treatment through the health professional access services referred to in Article 12, irrespective of the Member State of affiliation and the Member State of treatment.
Where the Member State of affiliation of the natural person under treatment and the Member State of treatment of such natural person differ, cross-border access to the personal electronic health data of the natural person under treatment shall be provided through the cross-border infrastructure referred to in Article 23.
The access referred to in paragraphs 1 and 2 of this Article shall include at least the priority categories of personal electronic health data referred to in Article 14.
In line with the principles provided for in Article 5 of Regulation (EU) 2016/679 [GDPR], Member States shall establish rules providing for the categories of personal electronic health data accessible by different categories of health professionals or for different healthcare tasks. Such rules shall take into account the possibility of restrictions imposed under Article 8 of this Regulation.
In the case of treatment in a Member State other than the Member State of affiliation, the rules referred to in paragraph 3 shall be those of the Member State of treatment.
Where access to personal electronic health data has been restricted by a natural person pursuant to Article 8, the healthcare provider or health professional shall not be informed of the restricted content of those data.
By way of derogation from the first paragraph of Article 8, where necessary in order to protect the vital interests of the data subject, the healthcare provider or health professional may be granted access to the restricted electronic health data. Such cases shall be logged in a clear and understandable format and shall be easily accessible for the data subject.
Member States may provide for additional safeguards.

Discussion

Note that 11(4) has the effect that if an EHR receives a request for data from another member state, it shall respond with the data without doing any access control checks. The member state where the patient is being treated (read: probably the EHR, but could be NCP as well) will have to verify whether or not the request for data may be sent, and will have to perform access control rules on the data being returned. If the data being returned is a document, and a member state mandates it, the document contents may have to be filtered to remove some of its content.

(Opionion) If the level of granularity is a 'document' then EHDS is unlikely to require you to filter the document. Local laws may require you to, but EHDS ? Don't think so.

Ringholm advertisement for the EHDS-on-FHIR training course.

Feedback

Please e-mail ehds@ringholm.com should the information on this page be incorrect or incomplete; we welcome your suggestions to improve its content.

About Ringholm bv

Ringholm bv is a group of European experts in the field of messaging standards and systems integration in healthcare IT. We provide the industry's most advanced training courses and consulting on healthcare information exchange standards.