Background: Telemedicine offers potential benefits for health care delivery. However, evidence of cross-border telemedicine data exchange within the European Union (EU) remains limited. The objective of this communication provides a brief outline of the regulatory framework, initiatives, and challenges associated with cross-border telemedicine data exchange in the EU, setting the stage for a comprehensive evidence assessment. Methods: We explore the current regulatory landscape (European Health Data Space), existing initiatives (the European Electronic Health Record Exchange Format), and interoperability challenges (e.g., legal, technical, semantic) facing EU cross-border telemedicine data exchange. Results: There is a need for thorough evidence assessment of cross-border telemedicine and related data movements. Conclusion: Understanding the current landscape of cross-border telemedicine is crucial. This article highlights the need for evidence assessment through a formal review to inform future research and policy initiatives in this domain.

Population biobanks are an increasingly important infrastructure to support research and will be a much-needed resource in the delivery of personalised medicine. Artificial intelligence (AI) systems can process and cross-link very large amounts of data quickly and be used not only for improving research power but also for helping with complex diagnosis and prediction of diseases based on health profiles. AI, therefore, potentially has a critical role to play in personalised medicine, and biobanks can provide a lot of the necessary baseline data related to healthy populations that will enable the development of AI tools. To develop these tools, access to personal data, and in particular, sensitive data, is required. Such data could be accessed from biobanks. Biobanks are a valuable resource for research but accessing and using the data contained within such biobanks raise a host of legal, ethical, and social issues (ELSI). This includes the appropriate consent to manage the collection, storage, use, and sharing of samples and data, and appropriate governance models that provide oversight of secondary use of samples and data. Biobanks have developed new consent models and governance tools to enable access that address some of these ELSI-related issues. In this paper, we consider whether such governance frameworks can enable access to biobank data to develop AI. As Italy has one of the most restrictive regulatory frameworks on the use of genetic data in Europe, we examine the regulatory framework in Italy. We also look at the proposed changes under the European Health Data Space (EHDS). We conclude by arguing that currently, regulatory frameworks are misaligned and unless addressed, accessing data within Italian biobanks to train AI will be severely limited.

Artificial intelligence (AI)-based clinical decision support systems are gaining momentum by relying on a greater volume and variety of secondary use data. However, the uncertainty, variability, and biases in real-world data environments still pose significant challenges to the development of health AI, its routine clinical use, and its regulatory frameworks. Health AI should be resilient against real-world environments throughout its lifecycle, including the training and prediction phases and maintenance during production, and health AI regulations should evolve accordingly. Data quality issues, variability over time or across sites, information uncertainty, human-computer interaction, and fundamental rights assurance are among the most relevant challenges. If health AI is not designed resiliently with regard to these real-world data effects, potentially biased data-driven medical decisions can risk the safety and fundamental rights of millions of people. In this viewpoint, we review the challenges, requirements, and methods for resilient AI in health and provide a research framework to improve the trustworthiness of next-generation AI-based clinical decision support.

The Nordic countries are, together with the United States, forerunners in online record access (ORA), which has now become widespread. The importance of accessible and structured health data has also been highlighted by policy makers internationally. To ensure the full realization of ORA\'s potential in the short and long term, there is a pressing need to study ORA from a cross-disciplinary, clinical, humanistic, and social sciences perspective that looks beyond strictly technical aspects. In this viewpoint paper, we explore the policy changes in the European Health Data Space (EHDS) proposal to advance ORA across the European Union, informed by our research in a Nordic-led project that carries out the first of its kind, large-scale international investigation of patients\' ORA-NORDeHEALTH (Nordic eHealth for Patients: Benchmarking and Developing for the Future). We argue that the EHDS proposal will pave the way for patients to access and control third-party access to their electronic health records. In our analysis of the proposal, we have identified five key principles for ORA: (1) the right to access, (2) proxy access, (3) patient input of their own data, (4) error and omission rectification, and (5) access control. ORA implementation today is fragmented throughout Europe, and the EHDS proposal aims to ensure all European citizens have equal online access to their health data. However, we argue that in order to implement the EHDS, we need more research evidence on the key ORA principles we have identified in our analysis. Results from the NORDeHEALTH project provide some of that evidence, but we have also identified important knowledge gaps that still need further exploration.

BACKGROUND: Art. 50 of the proposal for a Regulation on the European Health Data Space (EHDS) states that \"health data access bodies shall provide access to electronic health data only through a secure processing environment, with technical and organizational measures and security and interoperability requirements\".
OBJECTIVE: To identify specific security measures that nodes participating in health data spaces shall implement based on the results of the IMPaCT-Data project, whose goal is to facilitate the exchange of electronic health records (EHR) between public entities based in Spain and the secondary use of this information for precision medicine research in compliance with the General Data Protection Regulation (GDPR).
METHODS: This article presents an analysis of 24 out of a list of 72 security measures identified in the Spanish National Security Scheme (ENS) and adopted by members of the federated data infrastructure developed during the IMPaCT-Data project.
RESULTS: The IMPaCT-Data case helps clarify roles and responsibilities of entities willing to participate in the EHDS by reconciling technical system notions with the legal terminology. Most relevant security measures for Data Space Gatekeepers, Enablers and Prosumers are identified and explained.
CONCLUSIONS: The EHDS can only be viable as long as the fiduciary duty of care of public health authorities is preserved; this implies that the secondary use of personal data shall contribute to the public interest and/or to protect the vital interests of the data subjects. This condition can only be met if all nodes participating in a health data space adopt the appropriate organizational and technical security measures necessary to fulfill their role.

UNASSIGNED: The potential for secondary use of health data to improve healthcare is currently not fully exploited. Health data is largely kept in isolated data silos and key infrastructure to aggregate these silos into standardized bodies of knowledge is underdeveloped. We describe the development, implementation, and evaluation of a federated infrastructure to facilitate versatile secondary use of health data based on Health Data Space nodes.
UNASSIGNED: Our proposed nodes are self-contained units that digest data through an extract-transform-load framework that pseudonymizes and links data with privacy-preserving record linkage and harmonizes into a common data model (OMOP CDM). To support collaborative analyses a multi-level feature store is also implemented. A feasibility experiment was conducted to test the infrastructures potential for machine learning operations and deployment of other apps (e.g., visualization). Nodes can be operated in a network at different levels of sharing according to the level of trust within the network.
UNASSIGNED: In a proof-of-concept study, a privacy-preserving registry for heart failure patients has been implemented as a real-world showcase for Health Data Space nodes at the highest trust level, linking multiple data sources including (a) electronical medical records from hospitals, (b) patient data from a telemonitoring system, and (c) data from Austria\'s national register of deaths. The registry is deployed at the tirol kliniken, a hospital carrier in the Austrian state of Tyrol, and currently includes 5,004 patients, with over 2.9 million measurements, over 574,000 observations, more than 63,000 clinical free text notes, and in total over 5.2 million data points. Data curation and harmonization processes are executed semi-automatically at each individual node according to data sharing policies to ensure data sovereignty, scalability, and privacy. As a feasibility test, a natural language processing model for classification of clinical notes was deployed and tested.
UNASSIGNED: The presented Health Data Space node infrastructure has proven to be practicable in a real-world implementation in a live and productive registry for heart failure. The present work was inspired by the European Health Data Space initiative and its spirit to interconnect health data silos for versatile secondary use of health data.

Background: In the European Union, the General Data Protection Regulation (GDPR) plays a central role in the complex health research legal framework. It aims to protect the fundamental right to the protection of individuals\' personal data, while allowing the free movement of such data. However, it has been criticized for challenging the conduct of research. Existing scholarship has paid little attention to the experiences and views of the patient community. The aim of the study was to investigate 1) the awareness and knowledge of patients, carers, and members of patient organizations about the General Data Protection Regulation, 2) their experience with exercising data subject rights, and 3) their understanding of the notion of \"data control\" and preferences towards various data control tools. Methods: An online survey was disseminated between December 2022 and March 2023. Quantitative data was analyzed descriptively and inferentially. Answers to open-ended questions were analyzed using the thematic analysis method. Results: In total, 220 individuals from 28 European countries participated. The majority were patients (77%). Most participants had previously heard about the GDPR (90%) but had not exercised any of their data subject rights. Individual data control tools appeared to be marginally more important than collective tools. The willingness of participants to share personal data with data altruism organizations increased if patient representatives would be involved in the decision-making processes of such organizations. Conclusion: The results highlighted the importance of providing in-depth education about data protection. Although participants showed a slight preference towards individual control tools, the reflection based on existing scholarship identified that individual control holds risks that could be mitigated through carefully operationalized collective tools. The discussion of results was used to provide a critical view into the proposed European Health Data Space, which has yet to find a productive balance between individual control and allowing the reuse of personal data for research.

Big data and artificial intelligence are key elements in the medical field as they are expected to improve accuracy and efficiency in diagnosis and treatment, particularly in identifying biomedically relevant patterns, facilitating progress towards individually tailored preventative and therapeutic interventions. These applications belong to current research practice that is data-intensive. While the combination of imaging, pathological, genomic, and clinical data is needed to train algorithms to realize the full potential of these technologies, biobanks often serve as crucial infrastructures for data-sharing and data flows. In this paper, we argue that the \'data turn\' in the life sciences has increasingly re-structured major infrastructures, which often were created for biological samples and associated data, as predominantly data infrastructures. These have evolved and diversified over time in terms of tackling relevant issues such as harmonization and standardization, but also consent practices and risk assessment. In line with the datafication, an increased use of AI-based technologies marks the current developments at the forefront of the big data research in life science and medicine that engender new issues and concerns along with opportunities. At a time when secure health data environments, such as European Health Data Space, are in the making, we argue that such meta-infrastructures can benefit both from the experience and evolution of biobanking, but also the current state of affairs in AI in medicine, regarding good governance, the social aspects and practices, as well as critical thinking about data practices, which can contribute to trustworthiness of such meta-infrastructures.

The potential benefits of digital health technologies in population-based health research depend mainly on whether and to what extent these technologies can be based on the processing of personal health data. However, there needs to be more certainty in the application and interpretation of the relevant legal regulations on the processing of research data using digital health technologies. Research practice primarily uses consent as a legitimation basis for data processing, although the information model of the German and European legislator, with its ambitious requirements for voluntary and informed consent, is unrealistic and needs to be revised. Even the concepts of broad consent, dynamic consent, and meta consent, which represent alternatives to the classic consent solution, cannot remedy all the deficits of the consent model.In order to guarantee the informational self-determination of the persons concerned and, at the same time, keep an eye on the interests of research in the public health sector, data protection for research purposes must be further developed. Solutions should not only be tailored to consent behavior but must also consider the legitimization of research data processing without consent or aim to remove the personal reference of the data irretrievably. To date, the law has only fulfilled its task of striking an appropriate balance between the interests of all stakeholders to a limited extent. However, improvement is in sight, especially given current regulatory initiatives and new legal solutions. This discussion article illustrates the ambivalent role of law: on the one hand, health data protection law is often perceived as an obstacle to innovation, but on the other hand, law can pave the way for digital health technologies if further developed.
UNASSIGNED: Der potenzielle Nutzen digitaler Gesundheitstechnologien hängt im Bereich der populationsbezogenen Gesundheitsforschung maßgeblich davon ab, ob und in welchem Umfang sich diese Technologien auf eine Verarbeitung personenbezogener Gesundheitsdaten stützen lassen. Allerdings herrscht erhebliche Unsicherheit bei der Anwendung und Auslegung der einschlägigen rechtlichen Regelungen zur Verarbeitung von Forschungsdaten mittels digitaler Gesundheitstechnologien. Die Praxis der Forschungsdatenverarbeitung ist immer noch maßgeblich vom Primat der Einwilligung als Legitimationsgrundlage für eine Datenverarbeitung geprägt, obwohl das Informationsmodell des deutschen und europäischen Gesetzgebers mit seinen ambitionierten Anforderungen an die freiwillige und informierte Einwilligung realitätsfern ist. Auch die Konzepte des Broad Consent, Dynamic Consent und Meta Consent, die Alternativen zur klassischen Einwilligungslösung darstellen, können nicht sämtliche Defizite des Einwilligungsmodells beheben.Um die informationelle Selbstbestimmung der betroffenen Personen zu gewährleisten und gleichzeitig die Interessen der Forschung im Public-Health-Bereich im Blick zu behalten, muss der Forschungsdatenschutz weiterentwickelt werden. Lösungen müssen dabei nicht nur am Einwilligungsverhalten selbst ansetzen, sondern auch eine Legitimation der Datenverarbeitung ganz ohne Einwilligung in den Blick nehmen oder auf eine unwiederbringliche Aufhebung des Personenbezugs der Daten abzielen. Dieser Diskussionsartikel beleuchtet die ambivalente Rolle des Rechts im Hinblick auf digitale Gesundheitstechnologien und zeigt, dass der oftmals als Hindernis verstandene Gesundheitsdatenschutz – bei entsprechender Weiterentwicklung – durchaus den Weg für digitale Gesundheitstechnologien bereiten kann.

Drug regulation is a system to support and protect public health. Drugs with market access must be effective, safe and of high quality. Therefore, drug regulatory decision-making by the competent authorities is made on a scientific basis. Real-world evidence (RWE) from real-world data (RWD) has so far predominantly been taken into account in a supportive manner in drug regulatory decision-making with regard to drug safety after marketing authorisation. The extensive potential of RWE for regulatory decision-making processes along the entire product life cycle has been increasingly used and further examined in recent years.This article provides an overview of current applications of RWE in drug regulatory decision-making processes. The potentials of RWE along with the hurdles to be addressed are described and examples of current projects on RWE research for drug regulation are given. The work is based on current international literature as well as examples from international and European initiatives and regulatory practice, which aim to support an increased use of RWD/RWE in regulatory decision-making processes. In order to be able to utilise the potential of RWE even more in the future, it is important to make relevant RWD sources more readily available through research projects and initiatives, to further develop evaluative methods and to establish the significance of RWE.
UNASSIGNED: Die Arzneimittelregulation ist ein System zur Förderung und zum Schutz der öffentlichen Gesundheit. Auf dem Markt erhältliche Arzneimittel müssen wirksam, sicher und qualitativ hochwertig sein. Dafür werden von den zuständigen Behörden Entscheidungen auf wissenschaftlicher Basis getroffen. Real-world-Evidenz (RWE) aus Real-world-Daten (RWD) findet bisher überwiegend unterstützende Berücksichtigung bei den Entscheidungsfindungen hinsichtlich der Sicherheit des Arzneimittels nach der Zulassung. Das umfängliche Potenzial von RWE für regulatorische Entscheidungsprozesse entlang des gesamten Produktlebenszyklus wird seit wenigen Jahren zunehmend genutzt und weiter erforscht.Dieser Beitrag bietet einen Überblick zu aktuellen Anwendungen von RWE in arzneimittelregulatorischen Entscheidungsprozessen. Die diesbezüglichen Potenziale von RWE entlang der zu adressierenden Hürden werden beschrieben sowie Beispiele für aktuelle Projekte zur RWE-Forschung für die Arzneimittelregulation gegeben. Die Arbeit basiert auf aktueller internationaler Literatur sowie Beispielen aus internationalen und europäischen Initiativen und der aktuellen regulatorischen Praxis, die die zunehmende Anwendung von RWD/RWE in regulatorischen Entscheidungsprozessen unterstützen sollen. Um das Potenzial von RWE zukünftig noch besser nutzen zu können, gilt es, durch Forschungsprojekte und Initiativen relevante RWD-Quellen besser verfügbar zu machen, auswertende Methoden weiterzuentwickeln und den Stellenwert von RWE zu etablieren.