On 29 January 2026, Brussels hosted the Data Privacy for Health Summit, gathering 120 participants and 21 speakers from healthcare, research, law, technology and public policy.
The event explored a central challenge: how to unlock the value of health data while preserving the trust that sustains healthcare systems. Across five thematic discussions, participants highlighted a sector in rapid transformation, where innovation, governance and ethical responsibility must evolve together.
In this context, an academic survey (Led by Sophie Stalla-Bourdillon from Brussels Privacy Hub, Gregory Collet and Winnie Dongbou from MyData-TRUST) on the practical implications of the SRB v EDPS judgment for identifiability and data governance in clinical research is currently being conducted. Contributions from DPOs, legal and clinical research professionals are welcome: Survey
🎯 Anonymisation in practice: a moving target
One key theme concerned the evolving understanding of anonymization in Health Research and Data use. Speakers emphasized that anonymity should not be treated as a static legal label, but as a contextual and dynamic assessment.
Advances in Data analytics and linkage techniques mean that Datasets previously considered low risk may require renewed scrutiny. For example, medical imaging Data can retain structural information that may allow re-identification under certain conditions.
In practice, this suggests that “effective anonymization” is increasingly dependent on context, use case and available auxiliary Data, rather than on intrinsic properties of the Dataset alone.
This does not prevent legitimate use, but it reinforces the need for rigorous and evidence-based risk evaluation.
The challenge is particularly visible in rare disease research, where small populations increase the likelihood of singling out. In such cases, anonymization strategies must consider real-world context, Data ecosystems and technological developments. In some high-dimensional Datasets, particularly in genomics or rare disease contexts, the threshold for irreversible anonymization may be difficult, if not unrealistic, to achieve in practice.
Synthetic Data was discussed as a complementary approach that may enable research collaboration while reducing exposure to Personal Data. When carefully designed and validated, synthetic Datasets can support innovation, training environments and Data sharing initiatives. However, their reliability depends on both Privacy guarantees and statistical fidelity, requiring robust validation frameworks and transparency on generation methodologies.
Overall, the discussion highlighted the growing importance of structured accountability and interdisciplinary cooperation in building trustworthy Health Data practices.
🤖 Healthcare AI: aligning innovation with responsibility
Artificial intelligence is increasingly shaping Clinical Practice, Research and Healthcare operations. Yet deploying AI in environments that rely on sensitive Data introduces complex governance considerations. Participants highlighted that the main barriers to implementation are often organizational rather than purely technical. Data fragmentation, variable quality and limited Data literacy can slow progress and increase risk.
In many cases, governance fragmentation, rather than technological limitation, remains the primary obstacle to scalable and trustworthy AI deployment.
At the same time, emerging challenges such as model leakage, cybersecurity threats and algorithmic bias require sustained attention.
Embedding fairness, explainability and human oversight into system design was identified as essential. AI tools must support professional judgment rather than replace it. Continuous monitoring and clear allocation of responsibilities also remain key to maintaining accountability.
This implies moving from static compliance frameworks toward continuous governance models capable of adapting to evolving system behavior.
Healthcare AI projects typically involve multiple regulatory dimensions, including Data Protection, Cybersecurity, AI governance and sector-specific compliance. Navigating this complexity requires collaboration between technical and legal teams from the earliest stages of development.
Ultimately, the discussion underscored that the long-term success of AI in Healthcare will depend on its ability to enhance trust alongside efficiency and Clinical performance.
🇪🇺 From policy ambition to implementation: the European Health Data Space
The European Health Data Space (EHDS) represents a major step toward enabling secure and interoperable use of Health Data across Member States. Its objectives include improving Patient Care, supporting Research and strengthening Public Health decision-making.
As implementation approaches, stakeholders are increasingly focused on practical challenges. The EHDS introduces new governance concepts and operates alongside existing frameworks such as the GDPR and Clinical Trial legislation. This layered legal environment may create not only complexity but also risks of fragmented interpretation and uneven implementation across Member States.
Trust and awareness were recurring themes. Clear communication about Data use, safeguards and individual rights will be essential to ensure public confidence. Differences in national opt-out mechanisms or governance approaches could also affect participation rates and research quality. Without sufficient alignment, such divergences could undermine both interoperability and the representativeness of Health Datasets at European scale.
Technical interoperability remains another important issue. Variations in infrastructure readiness, Data standards and digital maturity across Europe may influence how quickly the EHDS delivers its intended benefits.
Despite these challenges, participants identified constructive pathways forward, including sector-specific guidance, early stakeholder engagement and enhanced cross-border cooperation mechanisms. The discussion also pointed to the need for a cultural shift toward recognising responsible Data use as a driver of collective benefit.
More fundamentally, the EHDS may test whether Europe can move from a compliance-driven culture toward a trust-based Data governance model.
🛡️ Privacy-enhancing technologies: expanding safe Data Use
Privacy-enhancing technologies (PETs) are increasingly recognized as tools that can support innovation while limiting privacy risks. Techniques such as federated learning, secure multi-party computation and differential privacy enable organizations to analyze sensitive Data without direct exposure in traditional formats.
Speakers emphasized that PETs should be assessed in relation to specific use cases and threat models. They do not eliminate legal obligations, but they can reduce risk and facilitate collaboration when implemented correctly.
Rather than replacing regulatory frameworks, PETs should be understood as operational tools that support compliance and enable new forms of Data governance.
By enabling safer Data sharing, PETs may contribute to new models of research and ecosystem development. They can help reduce administrative burden, accelerate project timelines and allow a wider range of actors to participate in Data-driven initiatives. However, their effectiveness depends on correct implementation, governance integration and a clear understanding of their technical limitations.
Synthetic Data also plays a role in this evolving landscape. When validated against both privacy and utility metrics, synthetic approaches can support experimentation, training and bias detection. Continued research and standardization efforts will be important to support broader adoption of these technologies.
👤 Patient-controlled Data and emerging Governance models
The growing interest in patient-controlled Health Data reflects a broader shift toward more participatory governance models. Patient wallets, secure digital tools allowing individuals to store and manage selected Health credentials, were discussed as one potential component of future Digital Health architecture.
Such tools could support continuity of care, improve transparency and facilitate cross-border Healthcare services. At the same time, their deployment raises complex questions related to identity management, Data accuracy, interoperability and compliance with multiple regulatory frameworks. They also challenge traditional allocations of roles and responsibilities between controllers, processors and Data subjects.
Participants also highlighted the importance of inclusive design and safeguards for vulnerable populations. Ensuring that patient empowerment does not create new forms of risk or inequality will be a key consideration moving forward. In particular, there is a need to ensure that increased individual control does not translate into disproportionate responsibility placed on patients.
Despite these challenges, patient-centric approaches may contribute to strengthening trust and engagement within Healthcare Systems by giving individuals greater visibility and agency in how their Data are used.
🤝 Why dialogue and collaboration are essential
Beyond the themes discussed, the Summit itself illustrated the importance of continued dialogue within the Health Data community.
Technological innovation and regulatory change are transforming the sector at a rapid pace. Addressing emerging risks and opportunities requires cooperation across disciplines, organizations and national borders. Events that bring together diverse perspectives play a crucial role in fostering shared understanding and practical solutions.
They help translate complex developments into operational strategies, encourage alignment on governance approaches and support the development of trustworthy Data Ecosystems. In a field where public confidence is fundamental, such exchanges are essential to sustainable progress.
As Healthcare becomes increasingly Data-driven, collaborative forums will remain indispensable. They enable stakeholders to learn from each other, anticipate future challenges and collectively shape practices that support both innovation and protection. Ultimately, compliance alone is no longer sufficient: building and maintaining trust must become the central objective of Health Data Governance.
The discussions in Brussels reflected a sector committed to advancing responsibly. This collective effort will be key to ensuring that the use of Health Data continues to evolve in ways that benefit Patients, Healthcare systems and society as a whole.
