Secondary use under the European Health Data Space: Setting the Scene and towards a research agenda on Privacy-Enhancing Technologies

Sarah van Drumpt^1*Kartik Chawla¹Tom Barbereau¹Dayana Spagnuelo¹Linda van de Burgwal²

• ¹TNO, Den Haag, Netherlands
• ²VU University, Amsterdam, Netherlands

to address the fragmented 3 health data landscape across Europe by promoting ethical and responsible reuse of data, 4 seeking to balance the opportunities for data reuse with the risks it entails. However, the 5 techno-legal aspects of navigating this balance remain poorly understood. This study adopts 6 a qualitative and inductive approach, using semi-structured interviews to explore the risks, 7 challenges, and gaps in the implementation of privacy-enhancing technologies (PETs) within 8 EHDS, particularly in the context of its governance structure and data permits. The findings 9 identify five distinct categories of concerns, based on fourteen risks, and highlight seven 10 governance and technological solutions, illustrating how these solutions address multiple, often 11 correlated risks. The interdependence between concerns and solutions emphasises the need 12 for a strategic and integrated approach to both governance and technology. This mapping 13 between the risks and solutions also highlights the central role of certain solutions, such as 14 public engagement and awareness, in addressing multiple risks. Furthermore, it introduces a 15 new dimension to the concerns by focusing on the structural imbalances in access to the health 16 data economy. We conclude by proposing a research agenda to advance the integration of PETs 17 into the EHDS framework, ensuring that data permits can effectively facilitate secure, ethical, 18 and innovative health data use.19