The General Data Protection Regulation (GDPR) recognises data concerning health as a special category of data and provides a definition for health data for data protection purposes. Though the innovative principles introduced by the GDPR (privacy by design or the prohibition of discriminatory profiling) remain relevant and applicable to health data as well, specific safeguards for personal health data and for a definitive interpretation of the rules that allows an effective and comprehensive protection of such data have now been addressed by the GDPR. Processes that foster innovation and better quality healthcare, such as clinical trials or mobile health, need robust data protection safeguards in order to maintain the trust and confidence of individuals in the rules designed to protect their data.
EDPS Formal comments on the draft Commission Implementing Regulation on MyHealth@EU.
EDPS Formal comments on the draft Delegated Regulation supplementing Directive (EU) 2024/2841 establishing the European Disability Card and the European Parking Card for persons with disabilities.
Speech by Wojciech Wiewiórowski at the LIBE Committee presenting the Annual Report 2025
The EDPS Annual Report 2025 looks back over a year when our work was characterised by the operationalisation of our expanding mandate, guided by our strategic principles: Foresight, Action and Solidarity.
This year’s highlights include:
The digital future is here. We are guiding the EU administration through this transformation with expertise and an unwavering focus on your rights.
EDPS Formal comments on the draft Implementing Regulation on an interoperable, cross-border identification and authentication mechanism for natural persons, health professionals and healthcare providers for the purposes of the cross-border exchange of personal electronic health data.