Laurence Huin Cabinet Houdart & Associates , FRIDAY SEPTEMBER 30, 2022
While the first applications for the call for projects “Accompaniment and support for the creation of hospital health data warehouses” will soon be identified, it is more than useful to question the constitution of such warehouses in the light of of the European regulation on data governance (Data Governance Act – DGA) which will come into force in less than a year, on September 24, 2023.
Health data warehouses subject to the Data Governance Act
An essential component of the European strategy for the single data market, this regulation organizes within a chapter the reuse of data, personal or not, of public sector bodies for the benefit of any re-user for commercial or non-commercial purposes.
The call for projects (AAP) “accompaniment and support for the creation of hospital health data warehouses (EDS), for a total amount of 50 million euros, provides in its specifications that to be selected the projects must be carried out by a public or private health establishment or a GCS, alone or within a consortium whose members are again public or private health establishments or GCS.
However, the definition given by the DGA of the public sector bodies concerned by this reuse of their data is broad. In fact, the definition of public sector bodies includes bodies governed by public law created to specifically meet needs in the general interest, without an industrial or commercial character, endowed with legal personality and financed mainly by the State, the regional authorities or other bodies governed by public law and whose management is subject to the control of these authorities or bodies, or their body is composed of members, more than half of whom are appointed by the State, regional or local authorities or other bodies governed by public law. Subject to the rules of governance specific to each structure, private health establishments and GCS, candidates for the AAP, could be just as concerned by the DGA as public health establishments.
Another criterion for entering the scope of the DGA: the provision of data that would be reused must fall within the public service mission devolved to public sector bodies. If this concept of “public service mission” must be distinguished from the legal basis provided for in the GDPR and concerning “the performance of a public interest mission”, this concept is defined in the DGA by reference to the law, or other binding rules in force or, in the absence of such rules, in accordance with normal administrative practice. Reading the specifications of the AAP providing that these EDS will make it possible to multiply the analysis of massive data in health and the development of 5P medicine, via excellent research and innovation projects, can only leave predict that this criterion will also be met.
Finally, the AAP by requiring the presentation of at least 3 research projects which must involve at least one partner outside the consortium and carrying a research and innovation project, again confirms the application of the new European regulation to these EDS. Indeed, if the exchange of data between public sector bodies for the sole purpose of exercising their public service mission or the exchange of data between researchers for the purposes of non-commercial scientific research seem to be excluded from the scope of the DGA, the reuse of data for purposes other than the initial objective of the public service mission for which the data was produced is fully covered by the DGA.
No matter what this new regulation could be retorted to us, one more or less to the long list of regulations in this area GDPR, HDS, Data Act, Regulation on artificial intelligence… This is without counting the many implications that covers this new DGA which are far from insignificant for public sector bodies.
Implications in terms of royalties for established EDSs
We could talk about the end of exclusivity agreements concerning the reuse of data, the dispossession of public sector bodies from exercising their intellectual property rights on their databases or even new obligations imposed on the body of the public sector in order to ensure in particular the anonymization of data, the establishment of a secure environment or even to obtain the consent of the persons concerned or the authorization of the data holders for the benefit of re-users.
We will only consider here the royalties that public sector bodies may claim as financial compensation for the reuse of their data. Indeed, the fees provided by the DGA for the benefit of public sector bodies to authorize the reuse of data by any natural or legal person for commercial or non-commercial purposes will only be “ calculated on the basis of the costs related to the conduct of the procedure for requesting the reuse of categories of data […] and limited to the necessary costs relating to:
- the reproduction, supply and dissemination of data;
- the acquisition of rights;
- anonymization or other forms of preparation of personal data and confidential business data in accordance with Article 5(3);
- maintaining the secure processing environment;
- the acquisition of the right to authorize reuse in accordance with this chapter by third parties outside the public sector; and
- the assistance provided to re-users in obtaining the consent of data subjects and the authorization of data holders whose rights and interests may be affected by such reuse”
On reading these provisions, it is more than necessary that health establishments embarking on an application for this AAP be aware of these financial conditions even though the aid provided under this AAP is limited to 65%. full costs.
With a solid background in ICT law, Laurence Huin has developed legal and technical expertise in digital projects.
She joined Cabinet Houdart & Associés in September 2020 and is a partner in the Digital Health division.
She is thus regularly called upon by digital players to advise and assist them in their contractual and pre-litigation issues (compliance with regulations on personal data, drafting and negotiation of contracts on projects, legal security of projects , content regulation and e-reputation). firstname.lastname@example.org | www.houdart.org
We would like to say thanks to the writer of this post for this amazing web content
Hospital health data warehouses facing the DGA
Check out our social media profiles along with other pages related to themhttps://www.ai-magazine.com/related-pages/