by Peter O'Donnell
BRUSSELS, 11 Jan (APM) - Despite the "incredible opportunities" that new science offers for medicine, exploiting that potential is being held back by European Union legislation on data privacy, said EMA executive director Guido Rasi in Brussels on Thursday.
He told a meeting in the European Parliament that he had "deep concern" over limits imposed on secondary use of data by the EU's General Data Protection Regulation.
The future is data
The public health potential in translating the promise of precision and medicine into real patient access is an avowed top priority for Rasi.
He set out his view of how the approvals process should be redesigned around evidence, "facilitating patient access through data that serves the entire decision-making chain".
The data should provide answers to the different questions posed by regulators, HTA agencies and payers.
This should be achieved through aligning the design of the evidence generation plan, covering the populations to be studied, comparators used, endpoints of the studies and requirements for post-licensing evidence generation, such as through registries.
The EMA's vision for the next decade - the regulatory science for 2025 strategy, which Rasi launched at the end of 2018 - specifically aims to promote the use of real world data in decision-making.
The wrong environment?
But Rasi openly questioned "whether the digital revolution is compatible with the current regulatory environment".
The real issue, he said, is to get clarity on the secondary use of data for health research, whether it be from a clinical trial, health records, registries, bio banks or other sources such as real world data.
He said he was not optimistic about the EU's regulation governing privacy, which is a potential bar to data access without specific consent having been given.
"Unfortunately, this is the stumbling block we have to remove," he said, if it was going to be possible to make use of the wealth of data that could play into research.
Consent for use beyond a clinical trial should be regulated, he recognised, but in a way that provides clarity.
"We have to understand what is the final interpretation of how we can use the data," he said. Taking advantage of the possibilities "is not possible under the current interpretation".
He called for urgent action: "Now, next week, Monday."
An identified problem
A senior executive from Intel had highlighted the problem in December.
Mario Romao, the company's director for data and heath policy, pointed out that while the General Data Protection Regulation governs processing of data concerning health in Europe, it does not completely harmonise data protection rules across the EU.
"In particular," he went on, "individual EU member states are allowed to adopt national rules that 'supplement' the regulation, for example, in relation to the processing of health or genetic data".
"It is thus very important that member states and the European Commission minimise, or - even better - eliminate regulatory divergences regarding data concerning health," he said.
His view was that "as the European ecosystem for health data develops, so will data collection, collaboration amongst stakeholders and opportunities for data processing".
As a consequence, "concerns with privacy and data protection will equally increase".
Romao's recipe for resolving the problem was via codes of conduct that would reinforce trust among public and regulators by demonstrating compliance. "Their increased adoption by stakeholders would lower the barriers to enter in large scale collaborative research initiatives."
This parallel's Rasi's view expressed in the Parliament that "cooperation should produce safeguards, both to citizens' rights to protect their personal data, and to support citizens' legitimate expectations of excellent healthcare."