European Health Data Space Regulation

Regulation (EU) 2025/327 on the European Health Data Space

Background and Scope

The European Health Data Space regulation (“EDHS”) creates a unified framework for the management and exchange of electronic health data across member states in the EU. The primary objective of the EDHS is to empower individuals by providing them with increased control over their personal electronic health data. The regulation also seeks to foster a internal market for digital health services and products, ensuring a consistent and efficient framework for the reuse of health data for research, innovation, policy-making, and regulatory activities.

The EHDS establishes common rules, standards, and infrastructures, along with a governance framework, to facilitate access to electronic health data for both primary and secondary uses. Primary use refers to the processing of electronic health data for healthcare provision, while secondary use involves processing for purposes such as research, policy-making, and innovation. The regulation complements existing rights under the General Data Protection Regulation (GDPR) and introduces additional rights and mechanisms specific to electronic health data.

The EDHS has direct effect in Swedish jurisdiction and may impose changes in national legislation, such as the Public Access to Information and Secrecy Act and the Patient Data Act.

Key Obligations

  • Access to Personal Electronic Health Data: Member States are required to establish services that enable individuals to access their personal electronic health data and exercise their rights.
  • Right to data portability: Individuals have the right to data portability, i.e. request the transmission of their personal electronic health data to healthcare providers of their choice, free of charge and without hindrance.
  • Opt-out right: Member States may provide individuals with the right to opt out from the processing of their personal electronic health data for secondary use.
  • Health Data Access Bodies: Member States must establish health data access bodies to facilitate the secondary use of health data and ensure compliance with the regulation.
  • Secure Processing Environments: Health data access bodies must provide access to electronic health data through secure processing environments that comply with technical and organisational measures.
2031 March 26, 2031

For primary use purposes, the exchange of the second group of priority categories of electronic health data should be operational across all EU Member States.

2029 March 26, 2029

Key provisions of the EHDS Regulation become applicable, including the exchange of the first group of priority categories of electronic health data across all EU Member States.

2025 March 28, 2025

The EHDS Regulation entered into force.

Discover more
Till toppen

© Delphi 2026

Meny

Kontakt

Företaget

Advokatfirman Delphi är en progressiv affärsjuridisk advokatbyrå med erkända specialister inom de flesta av affärsjuridikens områden. Vi är totalt cirka 220 medarbetare, varav ungefär 150 jurister. Våra kontor finns i Stockholm, Göteborg, Malmö och Linköping.

© Delphi 2026

Advokatfirman Delphi vill använda Googles analyscookies för att analysera hur vår hemsida används, i syfte att optimera hemsidan

Ditt samtycke innebär att vi samlar in information om din enhet och om hur du använder hemsidan vilket kopplas ihop med det som Google känner till. Du kan återkalla ditt samtycke genom att t.ex. klicka på ”Hantera kakor” i sidfoten längst ned på sidan eller kontakta oss på privacy@delphi.se.

När du använder hemsidan placeras även ”funktionella” cookies som inte kräver ditt samtycke. Här kan du läsa om hur vi använder cookies. Där hittar du information om din rätt att återkalla ditt samtycke. Placeringen av vissa cookies innebär att vi behandlar dina personuppgifter. Advokatfirman Delphi i Stockholm AB är personuppgiftsansvarig för behandlingen som du kan läsa mer om här. Där hittar du information om dina rättigheter vid vår behandling av dina personuppgifter, nämligen rätt att återkalla ditt samtycke, rätt att invända mot vår behandling, rätt till tillgång, rätt till rättelse, rätt till radering och begränsning, rätt till dataportalitet och rätt att inge klagomål.