Articles of the European Health Data Space (EHDS), Article 1, Subject matter and scope



Article 1, Subject matter and scope, Articles of the European Health Data Space (EHDS), (Proposal_3.5.2022)

1. This Regulation establishes the European Health Data Space (‘EHDS’) by providing for rules, common standards and practices, infrastructures and a governance framework for the primary and secondary use of electronic health data.


2. This Regulation:

(a) strengthens the rights of natural persons in relation to the availability and control of their electronic health data;

(b) lays down rules for the placing on the market, making available on the market or putting into service of electronic health records systems (‘EHR systems’) in the Union;

(c) lays down rules and mechanisms supporting the secondary use of electronic health data;

(d) establishes a mandatory cross-border infrastructure enabling the primary use of electronic health data across the Union;

(e) establishes a mandatory cross-border infrastructure for the secondary use of electronic health data.


3. This Regulation applies to:

(a) manufacturers and suppliers of EHR systems and wellness applications placed on the market and put into service in the Union and the users of such products;

(b) controllers and processors established in the Union processing electronic health data of Union citizens and third-country nationals legally residing in the territories of Member States;

(c) controllers and processors established in a third country that has been connected to or are interoperable with MyHealth@EU, pursuant to Article 12(5);

(d) data users to whom electronic health data are made available by data holders in the Union.


4. This Regulation shall be without prejudice to other Union legal acts regarding access to, sharing of or secondary use of electronic health data, or requirements related to the processing of data in relation to electronic health data, in particular Regulations (EU) 2016/679, (EU) 2018/1725, […] [Data Governance Act COM/2020/767 final] and […] [Data Act COM/2022/68 final].


5. This Regulation shall be without prejudice to Regulations (EU) 2017/745 and […] [AI Act COM/2021/206 final], as regards the security of medical devices and AI systems that interact with EHR systems.


6. This Regulation shall not affect the rights and obligations laid down in Union or national law concerning data processing for the purposes of reporting, complying with information requests or demonstrating or verifying compliance with legal obligations.