Data & Privacy
AI & Trust
Cybersecurity
Digital Services & Media
CHAPTER I
GENERAL PROVISIONSArticles 1 — 2
CHAPTER II
PRIMARY USEArticles 3 — 24
CHAPTER III
EHR SYSTEMS AND WELLNESS APPLICATIONSArticles 25 — 49
CHAPTER IV
SECONDARY USEArticles 50 — 81
CHAPTER V
ADDITIONAL ACTIONSArticles 82 — 91
CHAPTER VI
EUROPEAN GOVERNANCE AND COORDINATIONArticles 92 — 96
CHAPTER VII
DELEGATION OF POWERS AND COMMITTEE PROCEDUREArticles 97 — 98
CHAPTER VIII
MISCELLANEOUSArticles 99 — 104
CHAPTER IX
DEFERRED APPLICATION, TRANSITIONAL AND FINAL PROVISIONSArticles 105 — 105
ANNEXES
Any attempt to use electronic health data for measures detrimental to natural persons, such as to increase insurance premiums, to engage in activities potentially detrimental to natural persons related to employment, pensions or banking, including mortgaging of properties, to advertise products or treatments, to automate individual decision-making, to re-identify natural persons or to develop harmful products should be prohibited. That prohibition should also apply to activities contrary to ethical provisions under national law, with the exception of ethical provisions relating to consent to the processing of personal data and ethical provisions relating to the right to opt out, since this Regulation takes precedence over national law in accordance with the general principle of the primacy of Union law. It should also be prohibited to provide access to, or otherwise make available, electronic health data to third parties not mentioned in the data permit. The identity of authorised persons, in particular the identity of the principal investigator, who will have the right pursuant to this Regulation to access electronic health data in the secure processing environment should be indicated in the data permit. The principal investigators are the main persons responsible for requesting access to the electronic health data and for processing the requested data within the secure processing environment on behalf of the health data user.