Stay updated on our activities
Data protection, digital policy and cyber security
Health Data Opportunities, Challenges and Innovation: Data Protection, EHDS and AI
This hybrid course explores the legal, technical, and ethical considerations of health data governance in the European Union. Over three days, participants will gain an in-depth understanding of the General Data Protection Regulation (GDPR), the European Health Data Space (EHDS), and the evolving role of Artificial Intelligence (AI) in healthcare.
This hybrid course explores the legal, technical, and ethical considerations of health data governance in the European Union. Over three days, participants will gain an in-depth understanding of the General Data Protection Regulation (GDPR), the European Health Data Space (EHDS), and the evolving role of Artificial Intelligence (AI) in healthcare. The course will feature expert-led sessions, case studies, and hands-on exercises designed to equip participants with practical knowledge on safeguarding health data, implementing compliance strategies, and leveraging AI responsibly within the healthcare sector.
What you will learn
By the end of the course, you will be able to:
- Understand the legal framework governing health data
- Identify key GDPR provisions relevant to health data processing
- Apply data protection principles to clinical data sharing, anonymisation, and security measures
- Assess compliance requirements for cross-border health data transfers
- Navigate the European Health Data Space (EHDS)
- Analyse the EHDS regulation and its interplay with GDPR
- Recognise challenges and opportunities in EHDS implementation at different administrative levels
- Evaluate the implications of data portability, secondary use of data, and interoperability in healthcare
- Assess AI’s impact on healthcare data governance
- Examine the EU’s regulatory framework for AI in healthcare
- Understand the purpose of regulatory mechanisms such as AI Regulatory Sandboxes for advancing medical and health innovation
- Identify risks and opportunities in AI-driven healthcare solutions, including liability considerations
- Apply best practices in health data protection and compliance
- Conduct risk assessments and Data Protection Impact Assessments (DPIAs)
- Implement safeguards to uphold data subject rights and prevent data breaches
- Engage with practical case studies to develop hands-on expertise in regulatory compliance.
Course methodology
- Engaging learning format: The course includes a mix of lecture-style teaching, complemented by group discussions, hands-on exercises, and real-world case studies.
- Interactive discussions: The sessions provide ample opportunities to ask questions, exchange experiences, and discuss challenges with experts and fellow participants.
- Practical application: Dedicated time for reflection and knowledge sharing will help participants translate key insights into actionable strategies for their daily work and organisational practices.
You will be able to
- Develop a clear understanding of key data protection principles and their application in the healthcare sector.
- Gain insights into the European Health Data Space Regulation, its implementation, and its impact on healthcare organisations.
- Navigate the complexities of international data transfers involving sensitive health data.
- Improve your ability to engage with individuals and third parties while ensuring compliance with data protection regulations.
- Stay informed about emerging challenges related to data sharing and data protection in the healthcare sector.
- Prepare your organisation for the implementation of the European Health Data Space.
- Recognise the risks and opportunities associated with using health data for innovation and research.
- Explore technical tools for managing health data, including the role of AI systems.
- Understand the current and future impact of AI on healthcare, including implications for patients and healthcare providers.
- Strengthen compliance mechanisms for the responsible implementation of AI systems in healthcare settings.
Upon enrolment in our training, participants are admitted to EIPA’s dedicated community of practice together with former participants. You will also have access to the course materials for three months after the course.
This course is designed for professionals working in healthcare regulation, data protection, digital health policy, and AI governance, providing them with the necessary tools to navigate the evolving landscape of health data management in the EU.
This includes, but is not limited to:
- Lawyers, consultants and DPOs from public and private sectors working in the healthcare sector
- Healthcare IT professionals
- National, regional and local administrations that handle health data
- Public health officials.
Project number: 2511501
Hybrid course
Experience our course in a way that suits you best! This hybrid course offers the flexibility to join in-person or online through a live stream. In the registration form, you will have the opportunity to select your preferred option.
Face to Face venue
European Institute of Public Administration (EIPA)
O.L. Vrouweplein 22
6211 HE, Maastricht
The Netherlands
Senior Project Officer
Ms Eveline Hermens
Tel: +31 43 3296259
e.hermens@eipa.eu
Fee
The fee includes documentation, refreshments, lunches, and a dinner. Accommodation and travel costs are at the expense of the participants or their administration.
Discounts
EIPA member fee
EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.
Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden.
For all other participants, the regular fee applies.
Early bird discount
The early bird discount is not cumulative with other discounts or promo codes, except for the EIPA member fee.
Loyalty coupon
As a token of appreciation we offer all our participants a loyalty coupon for one of our future courses. The offer can be shared with colleagues and relevant networks. The coupon will expire one year after its release. This discount is not cumulative with other discounts, except for the EIPA member fee.
Meals
Dietary preferences can be indicated on the registration form.
Hotels
EIPA has a special price arrangement with the below hotel. The hotel is within walking distance from EIPA. If you wish to take advantage of this special price, please click on the hotel name to book directly using the link. Payment is to be made directly and personally to the hotel upon checking out.
- Derlon
info@derlon.com
+31 (0)43 321 67 70
Other hotels within walking distance from EIPA:
- Leonardo Boutique Hotel
reservations.maastrichtcitycenter@leonardo-hotels.nl - Townhouse
info@townhousehotels.nl
+31 (0)43 323 30 90 - Mabi
info@hotelmabi.nl
+31 (0)43 351 44 44 - Kaboom Hotel
info@kaboomhotel.nl
+31 (0)43 325 33 40
Confirmation
Confirmation of registration will be forwarded to participants on receipt of the completed online registration form.
Payment
Prior payment is a condition for participation.
Cancellation policy
For administrative reasons you will be charged €150 for cancellations received within 15 days before the activity begins. There is no charge for qualified substitute participants. EIPA reserves the right to cancel the activity up to 2 weeks before the starting date. In that case, registration fees received will be fully reimbursed. EIPA accepts no responsibility for any costs incurred (travel, accommodation, etc.).
A few days before the start of the course you will receive the log-in details for accessing the course materials. You can log in here.
I have a question
Our experts
Programme
| Module I – Data Protection Legal Strategies and Framework for the Healthcare Sector | |
| 08.45 | Registration of participants/Opening of the online platform |
| 09.00 | Welcome to the course Florina Pop, Data Protection Expert, EIPA, Maastricht (NL) |
| 09.15 | A Refresher of the Basic Principles and Provisions: Main GDPR Obligations in the Healthcare Sector and Legal Bases to Process Health Data Florina Pop |
| 10.15 | Q&A |
| 10.30 | Coffee break |
| 11.00 | Clinical Data and GDPR: data sharing, publication and anonymisation of personal data Anne-Sophie Henry-Eude, Head of Transparency, European Medical Agency (EMA), Amsterdam (NL) |
| 12.00 | Q&A |
| 12.15 | EMA’s Approach to Personal Data in Clinical Documents and Processing Data Breaches (Hands-on Exercise) Anne-Sophie Henry-Eude |
| 13.00 | Q&A |
| 13.15 | Lunch at Hotel Derlon |
| 14.45 | Cross-border Health Data Transfers: Balancing GDPR with other Legal Frameworks TBC – Claire Français, Legal Programme Director, EMEA Data Strategy & Privacy, Medtronic, Brussels (BE) |
| 15.30 | Q&A |
| 15.45 | Coffee break |
| 16.15 | Protecting Privacy in the Healthcare Sector: Risk Assessment and Compliance (including Case Study) Victoria Derumier, DPO & Associate Entity Director, MyData-Trust, Brussels (BE) |
| 17.00 | Health Data and Data Subject Rights & Requests (including Case Study) Desislava Borisova, Data Protection Expert, Europol, The Hague (NL) |
| 17.45 | Q&A |
| 18.00 | Concluding Remarks – End of Module I |
| Module II – Analysing the European Health Data Space: Opportunities and Implementation of Common Data Space | |
| 08.45 | Opening of the online platform |
| 09.00 | Welcome Florina Pop |
| 09.15 | The European Health Data Space: a deep Dive into the current Legal Framework and its Interplay with the GDPR Ricard Martinez Martinez, Director of the Chair for Privacy and Digital Transformation, Microsoft-UV/Lissit University of Valencia, Valencia (ES) (TBC) |
| 10.30 | Q&A |
| 10.45 | Coffee break |
| 11.15 | The European Health Data Space Implementation: Challenges and Opportunities (Examples from National, Regional and Local Administration Michele Calabro, Director, European Regional and Local Health Authorities (EUREGHA), Brussels (BE) (TBC) |
| 12:30 | Q&A |
| 13.00 | Lunch at EIPA’s Restaurant |
| 14.15 | Data Portability in the European Health Data Space: Benefits, Risks and Challenges Andras Sule, Former President, EAHP & Chief Pharmacist, Peterfy Hospital, Budapest (HU) |
| 15.15 | Q&A |
| 15.30 | Coffee break |
| 16.00 | Health Innovation and Research: Secondary Use of Data in the EHDS Jerome de Barros, Policy Officer, European Commission, DG SANTE, Brussels (BE) (TBC) |
| 17.00 | Q&A |
| 17.15 | Closing Remarks – End of Module II |
| 19.00 | Dinner in a Restaurant in Maastricht |
| Module III – AI and Health: Navigating the Current and Future Landscape | |
| 08.45 | Opening of the online platform |
| 09.00 | Introduction to Module III Florina Pop |
| 09.05 | The EU Legal Framework for the Use of AI in the Health Sector Mindy Nunez Duffourc, Assistant Professor of Private Law, Maastricht University, Maastricht (NL |
| 10.00 | Q&A |
| 10.15 | Coffee break with Limburg Treat |
| 10.45 | Artificial Intelligence and Health Data in the Healthcare Sector: Opportunities and Risk in the Use of AI for Patients’ Solutions Manuel Cassio, Programme Evaluator, Healthcare Generative AI Commission, Zurich (CH) |
| 11.30 | Q&A |
| 11.15 | Digital Ecosystem and Regulatory Sandboxes: Medical Devices as a Use Case for AI and Cybersecurity Regulation Filippo Bagni, IMT School for Advanced Studies Lucca (PhD Candidate in AI & Cybersecurity), Brussels (BE) |
| 12.30 | Q&A |
| 12.45 | AI and Medical Liability in the Healthcare Sector Mindy Nunez Duffourc |
| 13.15 | Q&A |
| 13.30 | Concluding Remarks and End of the Course |