Ciência_Iscte
Publicações
Descrição Detalhada da Publicação
Dynamic consent for secondary use of health data: Challenges and opportunities under European law
Título Revista
JMIR Medical Informatics
Ano (publicação definitiva)
2026
Língua
Inglês
País
Canadá
Mais Informação
Web of Science®
Scopus
Google Scholar
Esta publicação não está indexada no Overton
Abstract/Resumo
Secondary use of health data is essential for advancing medical research, innovation, and public health policy across Europe. Traditional static or broad consent models are increasingly inadequate in complex, multistakeholder digital ecosystems. Dynamic consent, which enables granular, interactive, and ongoing management of individual preferences, including revocation, has emerged as a patient-centered alternative. This integrative review examines the legal feasibility and practical challenges of implementing dynamic consent for secondary health data use under the General Data Protection Regulation (GDPR) and the European Health Data Space (EHDS) Regulation. Drawing on doctrinal legal analysis, European policy documents, national derogations, and technical standards including Health Level Seven Fast Healthcare Interoperability Resources, electronic Identification, Authentication and Trust Services 2.0, European Digital Identity Wallet, and distributed ledger approaches, the study synthesizes legal, governance, and informatics perspectives. Findings indicate that while the GDPR establishes parameters supportive of specific, informed, and revocable consent, significant barriers persist due to national fragmentation, divergent lawful bases for processing, and limited cross-border revocation mechanisms. The EHDS, with provisions phasing in from 2029, shifts governance toward institutional authorization via Health Data Access Bodies and secure processing environments, reducing reliance on individual consent for many large-scale uses. Technical prerequisites, machine-readable consent artifacts, high-assurance digital identity, and policy-based enforcement remain unevenly developed. Nevertheless, integration with data altruism mechanisms under the Data Governance Act and emerging interoperability tools offers promising pathways. A 3-stage operational architecture (consent administration, decision, and enforcement) is proposed to embed dynamic consent within the hybrid EHDS-GDPR framework. However, challenges including blockchain immutability conflicts with the right to erasure, revocation propagation across systems, implementation costs, consent fatigue, and digital divides must be addressed. Dynamic consent cannot serve as a universal solution but can meaningfully enhance transparency and trust when deployed contextually alongside institutional safeguards. Coordinated EU-level harmonization, standardization, and inclusive design will be essential for its successful operationalization.
Agradecimentos/Acknowledgements
--
Palavras-chave
Blockchain,Dynamic consent,Secondary use of health data,General Data Protection Regulation,GDPR,European Health Data Space,EHDS,Interoperability,Digital identity
Classificação Fields of Science and Technology
- Ciências da Computação e da Informação - Ciências Naturais
- Ciências da Saúde - Ciências Médicas
Registos de financiamentos
| Referência de financiamento | Entidade Financiadora |
|---|---|
| UID/06486/2025 | Fundação para a Ciência e a Tecnologia |
| PRR-RE-C05-i01.02 | Blockchain.PT |
| UID/PRR2/06486/2025 | Fundação para a Ciência e a Tecnologia |
| UID/PRR/06486/2025 | Fundação para a Ciência e a Tecnologia |
English