Secondary use of health data in Switzerland: demand for a national legal framework for the use of health data

The healthcare industry, researchers, and policymakers agree that the secondary use of healthcare data holds enormous potential for a more efficient, sustainable, and also more cost-effective healthcare system. During the Covid pandemic, this became obvious even to medical laypeople. But when it comes to implementation, the bodies responsible for handling entrusted health data quickly come up against legal limits. The relevant legal situation is – even comparatively – highly complex.

A legal opinion commissioned by Interpharma (the Swiss association of research-based pharmaceutical companies in Switzerland) analysed the current legal situation and identified the multitude of fundamental obstacles in Swiss legislation. According to the opinion, the latter would stand in the way of realizing the potential of secondary use of health data. As Interpharma states in its press release, the legal opinion concludes that a large part of the obstacles identified cannot be justified by the high sensitivity of health data and a related need for regulation. Rather, the legal opinion states that the legal requirements are unnecessary and that they will not be eliminated by the total revision of the Swiss Federal Data Protection Act.

According to the legal opinion, the current Swiss legal framework is comparable to a patchwork quilt, which already leads to unnecessary uncertainty when it comes to the fundamental question of which regulations are applicable to secondary use of health data. This is all the more significant because the individual regulations at federal and cantonal level are not coordinated with each other in terms of content. Sometimes they would even contain divergent terminology and regulations for no apparent reason. As a result, the legal framework is hardly comprehensible in everyday practice and unnecessarily complex. Consequently, the report concludes that a standardisation of the applicable regulations is urgently needed.

Furthermore, the report concludes that the uncertainties surrounding the requirements for the anonymisation of data represent a second central obstacle. In many cases, anonymisation would be the appropriate and only means to avoid the strict data protection requirements and the associated risks of sanctions. However, the concrete requirements are still unclear or at least controversial. Legislative clarifications would therefore be appropriate for the practice of secondary use of health data.

In addition, the legal opinion emphasises that most of the legal authorisation criteria, such as the so-called research exception, do not provide the necessary safeguards in practice. Rather, data processing is not per se lawful even if the conditions provided for therein are met, and an examination of all circumstances in the individual case is necessary. According to the legal opinion, this should be avoided. Furthermore, the requirements for a valid consent (especially the general consent), as a central element of permission, must be clarified and digital solutions must be expressly declared permissible.

Finally, the legal opinion states that the current regulation on data disclosure is a major obstacle to the exchange of data between the actors involved. Thus, based on the ambiguities regarding anonymisation, there is also considerable uncertainty about when sufficient pseudonymisation is to be assumed and to what extent making pseudonymised data accessible constitutes disclosure in the sense of data protection law. The legal opinion concludes that this must be clarified and that legal certainty must be created with regard to the regulations on the disclosure of data abroad.

These are the upcoming dates for our Annual General Meetings:

Thursday, 21 March 2024
Thursday, 20 March 2025