Full implication of different private and public actors, as well as empowered citizens, is needed in order to unlock eHealth potential in Europe. To achieve the trust of users, measures of safety have to be taken into consideration in accordance with the "privacy by design" approach. This requires secure storage of information including personal data but also guaranteeing safe exchange of these data over a number of architectures of differing security levels preventing unauthorised access, loss of data and cyber-attacks. A systemic approach to security will increase patients' empowerment, help protect their health also while abroad, and possibly encourage a larger number of Member States to apply it and adapt national legislations.Scope:
Proposals would provide a holistic approach to address challenges of secure storage and exchange (including cross-border) of data, protection and control over personal data, and security of health related data gathered by mobile devices combined with the usability of the eHealth solutions. Proposals should build on existing solutions or developments (openNCP, projects DECIPHER, EPSOS, STORK and others) where possible. Development and use of techniques of homomorphic encryption could be considered. Proposals would also analyse the legal applicable frameworks and societal aspects in the context of deployment of the solution. Existing European and national law including data protection rules, right to be forgotten, giving consent as well as recognized standards have to be respected. The operational solution should be piloted in three different Member States or associated countries. Technologically, it should be easily adaptable in other countries wishing to use it.
The Commission considers that proposals requesting a contribution from the EU between EUR 3 and 5 million would allow these areas to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.
The outcome of the proposals are expected to lead to development to Technology Readiness Level (TRL) 3 to 5 at least; please see part G of the General Annexes.Expected Impact:
Better acceptance of eHealth solutions among patients
Encouraging Member States to widen the use of eHealth
Ensuring the right of patients to cross-border healthcare
Supporting the development of European legal and operational standards for cross-border data exchange and patient privacy protection
Better protection against unauthorised use of personal data, breach of confidentiality and cybercrime
Increasing the awareness of stakeholders, private and public ones, on the current level of data security.
Definition of clear architectures that will promote interoperability between eHealth solutions