Legislation

HIMSS Analysis: European Cybersecurity Scheme for Cloud Services Should Foster – Not Prohibit – Sharing of Secure Patient Data

A close-up photo of a medical professional wearing scrubs using a digital tablet

The European Union has released a proposed approach for EU Cloud Services cybersecurity certification that has a limiting factor for cloud providers, particularly those that have operations spread across the EU member states or outside the EU. 

While acknowledging the importance of protecting patient data, HIMSS strongly recommends revisions to the EU Cloud Services Scheme’s legislative framework that would allow all forms of information sharing, including the utilization of cloud solutions providers that have multiple locations, including operations outside the European Union. Efficient and timely sharing of medical records and streamlined collaboration between healthcare providers will create better patient outcomes and save lives.  

HIMSS urges the EU legislators to collaborate to establish a regulatory format that can ensure data can be securely processed using cloud services of providers with a legal entity in the EU subject to EU law, regardless of the existence of a legally related entity located outside the EU. 

“We believe strong governance systems are important to ensure data security and to respect privacy,” said Hal Wolf, HIMSS President & CEO. “However, such governance systems should avoid limiting the capacity of strong technology partners with well-established security records to collaborate on technology solutions that advance the development of efficient, secure and resilient healthcare systems.” 

HIMSS — as a longstanding advocate for secure information sharing that supports digital transformation and works to reform the global health ecosystem through the power of information and technology — envisions a healthcare system that fosters healthcare innovation from local to global environments.  

Health information and technology improvements reduce provider burnout, lower healthcare costs, drive economic growth, and foster competitiveness to accelerate advancements in care delivery.   

HIMSS strongly supports policy initiatives that foster technological innovation, including the acceleration of cloud technology, which help to ensure patients, caregivers and clinicians benefit from seamless, secure and ubiquitous access to data that can be converted to actionable information. 

Recognizing the important balance between privacy, security, and access to just-in-time information sharing, HIMSS believes country-based and multi-national cloud-based services and solutions play a significant role in improving care coordination across communities as well as within and between the member states of the European Union. 

HIMSS Public Policy and Advocacy

The HIMSS policy team works closely with the U.S. Congress, federal decision makers, state legislatures and governments, and other organizations to recommend policy, and legislative and regulatory solutions to improve health through information and technology.

Help Advance Health IT Policy

Published on