“Digital Health Reform in Italy: Security and Privacy of Health Data”

In the landscape of digital health in Italy, a crucial issue pertains to the management of health data and the protection of citizens’ privacy. Until recently, the system for collecting health data did not incorporate pseudonymization techniques and did not ensure adequate privacy protection. The lack of transparency regarding the types of data processed through the Electronic Health Record (EHR), the roles of the parties involved, and the location of data banks highlighted the need for profound reform.

The systematic processing of health data, in the absence of appropriate protocols, posed significant risks to the rights of the individuals concerned. With the introduction of the new regulation, the Health Data Ecosystem (HDE) emerges as a vital tool for digital health management in Italy. Services related to the HDE will be fully operational by March 31, 2026, provided that the necessary regulations for EHR 2.0 are completed.

Today, the data managed by the HDE is processed in accordance with the principles of the General Data Protection Regulation (GDPR). As stipulated in the decree of September 7, 2023, the data comes exclusively from healthcare and social healthcare facilities recognized by the National Health Service. Data subject to anonymization, as required by law, will be excluded from the ecosystem.

This initiative represents a significant step towards a more secure and coordinated digital health system, aiming to ensure centralized and homogeneous management of health data throughout the country. The primary purpose of the HDE is to improve healthcare, ensuring that data is used in an ethical and responsible manner.

The ecosystem will primarily be fed by the EHR and other health data systems, allowing for more efficient management of public health. Among the declared objectives is ensuring uniform coordination on a national scale, to develop healthcare services that can respond to the actual needs of regions and professionals in the sector.

A fundamental aspect is the informed consent of patients, which must be explicit and specific for the different purposes of data processing. A consent registry will also be created, thereby ensuring a high degree of transparency and security in the processing of personal information. Each healthcare provider will receive adequate training to manage data in compliance with existing regulations, thus fostering a more effective relationship with patients.

Data will be deleted thirty years after the patient’s death, with the Ministry of Health responsible for annual deletion. Only authorized individuals, with the consent of the data subject, will be able to access the data within the HDE. However, an exception is foreseen for emergency health situations, where National Health Service operators will be able to access data without consent.

The new HDE project envisions an architecture aimed at modernizing and securing data processing. It will be developed on a separate storage system, including a data module, a broker, and a service module, utilizing rigorous technical and organizational measures to ensure information protection. These include secure communication protocols and authorization mechanisms to monitor access and operations.

The HDE aims to manage the pharmaceutical dossier in an integrated manner, extracting data related to prescriptions and drug dispensing. However, access to this data will be limited and justified by specific requests, avoiding the creation of a permanent database in order to ensure targeted and secure use of information.

In clinical settings, healthcare facilities and professionals who take charge of the patient will be able to access HDE services for care purposes, excluding unauthorized access, for instance, by insurance companies or employers. Regarding research and scientific study, access will only be allowed to anonymized and aggregated data, preventing any improper use of personal information.

Finally, it is important to underline…
