EU Health Data Space Regulation (EHDS) - Overview of the Multi-Country Secure Processing Environment
- Andreas Neocleous
- May 13
Updated: May 14
In recent years, the concept of a Secure Processing Environment (SPE) has become increasingly important for ensuring privacy in health data. The best way to understand an SPE is to imagine a room with one door and no windows—a restricted, safe, audited, and controlled environment. Only authorized people with a special key may enter. Once inside, actions are monitored, ensuring no unauthorized activity takes place.
In practice, SPEs are digital environments used for accessing and analyzing health data. When a health data access body receives your data request, they collate and prepare the pseudonymized data for use. You then receive secure credentials to enter the SPE, where pre-installed tools allow you to view and analyze the data. Access is only granted to persons listed in the respective data permit, and all usage is logged and monitored.
To protect privacy, SPEs follow strict technical and organizational measures, including:
- Granting access only to authorized individuals,
- Limiting what data can be analyzed and how it can be modified,
- Ensuring data users only access data covered by their permit,
- Keeping identifiable logs of access,
- Monitoring compliance and security continuously.
When your work is done, outputs are reviewed to ensure no personally identifiable information leaves the environment. The SPE remains available for the duration of your permit, and six months after archival, the data is destroyed.
Sometimes, data is drawn from multiple countries. In such cases, health data access bodies collaborate to create a multi-country secure processing environment.
SPEs operate through five main stages: request, preparation, use, archive, and destroy. They make it possible to conduct secure, privacy-preserving research that supports medical advancements and innovation.
Let’s build this system together—for everyone.