Secondary Use Under EHDS: Why Access to Health Data Will Never Be Open

Secondary use is one of the most ambitious and strategically important parts of EHDS. It enables the use of health data for scientific research, innovation, public health, statistics, healthcare planning, AI development, and policy making.

Yet despite its transformative potential, EHDS does not create an open-access ecosystem for health data.

Under Regulation (EU) 2025/327, access to data is:

• permit-based
• purpose-bound
• time-limited
• auditable
• subject to strict technical and legal safeguards

This publication explains why EHDS is fundamentally designed around controlled access rather than unrestricted data sharing.

The article analyses the role of Health Data Access Bodies (HDABs), permit evaluation criteria, proportionality requirements, pseudonymisation obligations, and restrictions on data export and re-identification.

One of the key concepts explored is the transformation of governance into executable operational workflows.

Under EHDS, a data permit becomes much more than an administrative approval. It defines who can access data, what categories of data can be used, for which purpose, inside which environment, for how long, and under what technical conditions.

EHDS therefore introduces a new operational paradigm: access is no longer negotiated informally. It is infrastructure-enforced.

The permitted purposes are broad, but not unlimited

Article 53 of Regulation (EU) 2025/327 allows secondary use for purposes that can benefit society: public health, policymaking, official statistics, education, scientific research, innovation, algorithm training and evaluation, and improvement of healthcare delivery. This is a wide mandate, but it is not an open-ended permission.

The same chapter of Regulation (EU) 2025/327 immediately narrows the field. Article 54 of Regulation (EU) 2025/327 prohibits uses such as decisions detrimental to individuals or groups, discrimination in insurance, credit or employment contexts, advertising and marketing, and development of harmful products or services. This structure is important: EHDS enables reuse because reuse can serve public value, but it rejects the idea that health data should become a general commercial resource.

From application to enforceable access

The access process is designed to make purpose, proportionality, and safeguards concrete. Article 67 of Regulation (EU) 2025/327 requires applicants to describe who they are, why they need the data, which data they seek, whether anonymised data are sufficient, what safeguards will prevent misuse and re-identification, how long the data are needed, and what tools are required inside the secure processing environment.

Article 66 of Regulation (EU) 2025/327 then gives health data access bodies a clear minimisation duty. Access should be limited to data that are adequate, relevant and necessary. If the purpose can be achieved with anonymised data, anonymised data should be used. Pseudonymised data require justification.

This is why secondary use under EHDS will never be “open” in the ordinary sense. The access decision is not a gateway to raw institutional databases. It is a structured permission to process a defined dataset, for a defined purpose, by defined people, under defined technical conditions.

Closing thought

The real promise of EHDS secondary use is not frictionless access. It is legitimate access. That distinction matters. Europe can unlock health data for research and innovation only if the access model remains bounded, auditable and understandable to the public.