The French strict data protection landscape concerning health research in France has recently seen a significant development with the National Commission on Informatic and Liberties (CNIL) adopting two reference methodologies (MR-007 and MR-008) to facilitate access to huge health public databases (the Système National des Données de Santé (SNDS) (link to the relevant page on the CNIL’s website). With these additional reference methodologies, there are currently eight reference methodologies aimed at addressing various types of research in various contexts.
As a reminder:
The CNIL’s reference methodologies serve as a framework enabling operators engaged in research, studies, and evaluations involving sensitive health data to bypass the need for obtaining an ad hoc authorization from the CNIL, provided they fully adhere to the stipulated reference methodology. A declaration of conformity must be made after a self-assessment. Should a Controller find it challenging to fully comply with each condition and requirement of the pertinent Reference Methodology, it is compulsory to seek an ad hoc authorization from the CNIL which is not systematically granted after the usual (6) months period necessary for the CNIL’s review of the request
The French National Health Data System (SNDS) is a unique system in Europe. The SNDS includes data of about 99% of the French population with a trove of medico-socio-administrative data. Its various databases includes reimbursement data from mandatory health insurance schemes and hospital data, but it also includes comprehensive databases on medical causes of death, data related to disabilities and databases on vaccines.
The new reference methodologies (available in French only) provide the condition for research studies to use the SNDS.
MR-007 is for public organizations and MR-008 for private entities, excluding insurers. Insurers are specifically excluded from its scope of application in order to prevent insurers from using SNDS data to exclude persons from insurance contracts or to adjust insurance premiums on that basis.
MR-008 sets out a number of requirements that organizations must meet in order to access the SNDS database for health research purposes. These requirements include:
a legitimate interest in accessing the data. This means that the research must be in the public interest and necessary to achieve the organization’s objectives.
the implementation of robust security measures to prevent unauthorized access to, or disclosure of, health data.
the setting up of appropriate measures to protect the rights, freedoms, and legitimate interests of the concerned individuals, including making the information publicly available.
Projects under MR-007 and MR-008 still require expressly favourable opinions from the Ethics and Scientific Committee for Research, Studies, and Evaluations in the health domain (CESREES). These methodologies also mandate that the data controller attaches an expression of needs to their protocol, detailing the components of the SNDS primary database required, the targeted population, the targeting period, necessary data or data categories, the historical depth of data up to nine years plus the current year, and the requested access duration, which in principle cannot exceed five years from the last effective data provision.
Regrettably, in its customary stringent stance on data transfers, the CNIL stipulated that:
The data extracted from the primary database of the SNDS must be stored exclusively within the member countries of the European Economic Area, with no provision for transfer outside of the European Union.
Remote access to the data from territories outside the European Union is strictly prohibited.
Access to the SNDS data, for the purposes of executing hosting operations of the technical infrastructure within the prescribed secured environment, as well as the associated administration and management of this storage, is only granted to organizations, and where applicable, their subcontractors, that are exclusively subject to the laws of the European Union.
Reference Methodology MR-008 is a significant development for health research in France. It will make it easier for researchers to access the SNDS database, while also ensuring that the privacy of individuals is protected. This is a substantial advancement for AI developers in the health sector, who will now be able to access this vast amount of data with fewer hurdles, thereby accelerating the pace of innovation and research in healthcare.
Furthermore, this development is a preview of what is anticipated under the new European Health Data Space, which aims to foster a more collaborative and data-driven healthcare ecosystem across Europe.
Authored by Patrice Navarro and Sihem Hassani.