Data & Privacy
AI & Trust
Cybersecurity
Digital Services & Media
CHAPTER I
GENERAL PROVISIONSArticles 1 — 2
CHAPTER II
PRIMARY USEArticles 3 — 24
CHAPTER III
EHR SYSTEMS AND WELLNESS APPLICATIONSArticles 25 — 49
CHAPTER IV
SECONDARY USEArticles 50 — 81
CHAPTER V
ADDITIONAL ACTIONSArticles 82 — 91
CHAPTER VI
EUROPEAN GOVERNANCE AND COORDINATIONArticles 92 — 96
CHAPTER VII
DELEGATION OF POWERS AND COMMITTEE PROCEDUREArticles 97 — 98
CHAPTER VIII
MISCELLANEOUSArticles 99 — 104
CHAPTER IX
DEFERRED APPLICATION, TRANSITIONAL AND FINAL PROVISIONSArticles 105 — 105
ANNEXES
The processing of large amounts of personal electronic health data for the purposes of the EHDS, as part of data processing activities in the context of handling health data access applications, data permits and health data requests entails higher risks of unauthorised access to such personal data, as well as the possibility of cybersecurity incidents. Personal electronic health data are particularly sensitive as they often contain information covered by medical secrecy, the disclosure of which to unauthorised third parties can cause significant distress. Taking fully into consideration the principles outlined in the case law of the Court of Justice of the European Union, this Regulation ensures full respect for fundamental rights, for the right to privacy and for the principle of proportionality. In order to ensure the full integrity and confidentiality of personal electronic health data under this Regulation, to guarantee a particularly high level of protection and security, and to reduce the risk of unlawful access to those personal electronic health data, this Regulation allows Member States to require that personal electronic health data be stored and processed solely within the Union for the purpose of carrying out the tasks provided for in this Regulation, unless an adequacy decision adopted pursuant to Article 45 of Regulation (EU) 2016/679 applies.