Data & Privacy
AI & Trust
Cybersecurity
Digital Services & Media
CHAPTER I
GENERAL PROVISIONSArticles 1 — 2
CHAPTER II
PRIMARY USEArticles 3 — 24
CHAPTER III
EHR SYSTEMS AND WELLNESS APPLICATIONSArticles 25 — 49
CHAPTER IV
SECONDARY USEArticles 50 — 81
CHAPTER V
ADDITIONAL ACTIONSArticles 82 — 91
CHAPTER VI
EUROPEAN GOVERNANCE AND COORDINATIONArticles 92 — 96
CHAPTER VII
DELEGATION OF POWERS AND COMMITTEE PROCEDUREArticles 97 — 98
CHAPTER VIII
MISCELLANEOUSArticles 99 — 104
CHAPTER IX
DEFERRED APPLICATION, TRANSITIONAL AND FINAL PROVISIONSArticles 105 — 105
ANNEXES
In order to enable the seamless exchange of electronic health data and ensure respect for the rights of natural persons and health professionals, EHR systems marketed in the internal market should be able to store and transmit, in a secure way, high quality electronic health data. It is a key objective of the EHDS to ensure the secure and free movement of electronic health data across the Union. To that end, a mandatory conformity self-assessment scheme for EHR systems processing one or more priority categories of electronic health data should be established to overcome market fragmentation while ensuring a proportionate approach. Through the self-assessment, EHR systems will prove compliance with the requirements on interoperability, security and logging for communication of personal electronic health data established by the two mandatory EHR software components harmonised by this Regulation, namely the European interoperability software component for EHR systems and the European logging software component for EHR systems (the ‘harmonised software components of EHR systems’). The harmonised software components of EHR systems mainly concern data transformation, although they may imply the need for indirect requirements for data registration and data presentation in EHR systems. Technical specifications for the harmonised software components of EHR systems should be defined by means of implementing acts and should be based on the use of the European electronic health record exchange format. The harmonised software components of EHR systems should be designed to be reusable and to integrate seamlessly with other components within a larger software system. The security requirements of the harmonised software components of EHR systems should cover elements specific to EHR systems, as more general security properties should be supported by other mechanisms such as those under Regulation (EU) 2024/2847 of the European Parliament and of the Council . To support that process, European digital testing environments should be set up to provide automated means to test whether the functioning of the harmonised software components of an EHR system is compliant with the requirements laid down in this Regulation. To that end, implementing powers should be conferred on the Commission to determine the common specifications for those environments. The Commission should develop the necessary software for the testing environments and make it available as open source. Member States should be responsible for the operation of the digital testing environments, as they are closer to manufacturers and better placed to support them. Manufacturers should use those digital testing environments to test their products before placing them on the market while continuing to bear full responsibility for the compliance of their products. The results of the test should become part of the product’s technical documentation. Where the EHR system or any part of it complies with European standards or common specifications, the list of the relevant European standards and common specifications should also be indicated in the technical documentation. To support the comparability of EHR systems, the Commission should prepare a uniform template for the technical documentation accompanying such systems.