Data Holders
According to the EHDS-Regulation
START
Who holds health data?
If you hold health data and you can make it available, you are considered a data holder under the EHDS Regulation. This Regulation also sets out the role of trusted data holders. Why are there two roles? Do they have the same duties and responsibilities?
Regulation
They look very similar...
... but are they really exactly the same?
Click on the red icons for more information
Data holder
Trusted data holder
Data holder
A health data holder is any institution or natural person that holds health data covered by the EHDS Regulation and is therefore required to make that data available for secondary use. These may be either public or private institutions.
Examples
Trusted data holder
A trusted health data holder is a special category of data holder that is authorised and able to take on additional tasks within the EHDS framework, in addition to its ‘standard’ set of responsibilities.
Examples
Common features
Both a data holder and a trusted data holder share a number of characteristics:
- they hold health data and
- they provide metadata to describe the health data
- they must make health data available upon an approved data request
- they prepare the health data according to the specified format mentioned in the data application form and within the legally permitted timeframe
- they can charge a fee for preparing and delivering the health data
trusted data holders
Distinctive features
Trusted health data holders therefore have the same duties as health data holders. In addition to these duties, trusted health data holders have additional tasks and responsibilities:
- they alleviate the administrative burden for health data access bodies (HDABs)
- they assess the health data requests and health data access applications submitted under this simplified procedure
- they issue a recommendation (proposal for decision) regarding a health data request or health data access application (the HDAB remains responsible for issuing the final data permit)
- they provide access to health data within the secure processing environment (SPE)
trusted data holders
Working method
The health data access body (HDAB) may forward health data access applications and health data requests to the relevant trusted data holders. Trusted data holders shall:
- assess the health data requests and health data access applications submitted under this simplified procedure, based on their expertise in dealing with the type of health data they are processing, and
- issue a recommendation (proposal for decision) regarding the health data access application or health data request. The health data access body shall remain responsible for issuing the final data permit and should not be bound by the recommendation provided by the trusted health data holder.
More info
trusted data holders
Designation procedure
Member States may establish a procedure whereby health data holders can apply to be designated as trusted health data holders, provided the health data holders meet the following conditions:• they are able to provide access to health data through a secure processing environment; • they have the necessary expertise to assess health data access applications and health data requests; • they provide the necessary guarantees to ensure compliance with this Regulation.
Member States shall designate trusted health data holders following an assessment of the fulfilment of those conditions by the relevant health data access body.Member States shall establish a procedure to regularly review whether the trusted health data holder continues to fulfil those conditions. Health data access bodies shall indicate the trusted health data holders in the dataset catalogue referred to in Article 77. Further information on this designation procedure will follow shortly.
See article 77
QUIZ
CLICK TO START
Question 1/3
Quiz
Question 2/3
Quiz
Question 3/3
Quiz
Drag the cards showing responsibilities to the correct role.
Quiz
End of the quiz!
Continue
In summary
Every trusted data holder is a data holder, but not every data holder is a trusted data holder.
A trusted data holder has the same duties as a data holder, but the trusted data holder also has additional duties and responsibilities.
Infographic
Overview
Health Data Access Body (HDAB)
Trusted data holder
Data holder
The Health Data Access Body (HDAB) facilitates the secondary use of health data.It lists the trusted data holders in the national metadata catalogue. It decides whether or not to approve a health data request and whether or not to issue a data permit for a health data access application. The HDAB remains responsible for issuing the final data permit.
Trusted date holders hold health data and also take all necessary preparatory steps to make it available for secondary use. Because of their additional duties, they also have an added responsibility.
Health data holders hold health data and are taking all necessary preparatory steps to make it available for the secondary use of health data.
Course
Click here for the English course on the EHDS preparation tasks for industry
Show your interest
Are you interested in taking on the role of a trusted data holder, or are you still in the exploratory phase?
If so, please do fill in our survey. Your input will help us to better understand the needs and questions that exist and how we can support organisations in their next steps as effectively as possible.
Take the survey
Well done!
You now understand the difference between a health data holder and a trusted health data holder. You know why these different roles are important for secure and responsible data sharing. Dive into the other learning modules to learn more about the EHDS Regulation!
Examples
Typical examples of health data holders include hospitals and healthcare institutions, independent healthcare providers, laboratories, reimbursement services, registers and databases, government bodies, medical technology companies, medical software suppliers...
Did you know that...In Genially you will find more than 1,000 templates ready to customize your content and 100% customizable, which will help you tell your stories?
Potential candidates
Potential institutions that may be trusted data holders are the Federal Public Service (FPS) Public Health, the Intermutual Agency (IMA), the National Institute for Health and Disability Insurance (RIZIV-INAMI), and the Federal Agency for Medicines and Health Products (FAGG)...
Different
Trusted data holders must have the necessary capabilities to prepare the health data themselves to convert it into the required format as specified in the data application form. This involves minimising and pseudonymising or anonymising the requested health data.
In common
Both data holders and trusted data holders hold health data.
Different
Trusted data holders can provide access to health data within a secure processing environment (SPE).
Different
Trusted data holders can help reduce the administrative burden on the Health Data Access Bodies (HDABs).
Different
Data holders can prepare the health data themselves if they have the necessary capabilities to convert it into the required format as specified in the data application form. This preparation involves minimising and pseudonymising or anonymising the requested health data. If a data holder does not have the necessary capabilities, they can hand over the data to the HDAB who will do the data preparation for them.
In common
Both data holders and trusted data holders may charge a fee for responding to a health data request or a health data access application. This fee covers the time and human resources required to prepare the health data. Infrastructure costs may not be charged.
Article 77: Dataset description and dataset catalogue
1. Health data access bodies shall, through a publicly available and standardised machine-readable dataset catalogue, provide a description in the form of metadata of the available datasets and their characteristics. The description of each dataset shall include information concerning the source, scope, main characteristics, and nature of the electronic health data in the dataset and the conditions for making those data available.
2. The dataset descriptions in the national dataset catalogue shall be available in at least one official language of the Union. The dataset catalogue for Union institutions, bodies, offices and agencies provided by the Union health data access service shall be available in all official languages of the Union.
3. The dataset catalogue shall be made available to single information points established or designated under Article 8 of Regulation (EU) 2022/868. 4. By 26 March 2027, the Commission shall, by means of implementing acts, set out the minimum elements health data holders are to provide for datasets and the characteristics of those elements. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 98(2).
Definition of a data holder
Article 2 Definitions (t) mentions the following: 'health data holder’ means any natural or legal person, public authority, agency or other body in the healthcare or the care sectors, including reimbursement services where necessary, as well as any natural or legal person developing products or services intended for the health, healthcare or care sectors, developing or manufacturing wellness applications, performing research in relation to the healthcare or care sectors or acting as a mortality registry, as well as any Union institution, body, office or agency, that has either:
- the right or obligation, in accordance with applicable Union or national law and in its capacity as a controller or joint controller, to process personal electronic health data for the provision of healthcare or care or for the purposes of public health, reimbursement, research, innovation, policymaking, official statistics or patient safety or for regulatory purposes; or
- the ability to make available non-personal electronic health data through the control of the technical design of a product and related services, including by registering, providing, restricting access to or exchanging such data.
You can use this feature... To highlight super-relevant data. 90% of the information we assimilate comes through sight.
Different
The trusted data holders have the necessary expertise to assess health data requests and health data access applications submitted through a simplified procedure.
Different
The trusted data holders may make a recommendation as to whether or not to issue a data permit. However, the Health Data Access Body (HDAB) remains responsible for issuing such data permits.
In common
Both data holders and trusted data holders must make the requested health data available, as specified in the data application form, following the approval of this health data request or following the issuing of a data permit for a health data access application.
In common
Both data holders and trusted data holders hold health data.
Did you know that...The window allows you to add broader content. You can enrich your genially by incorporating PDFs, videos, text... The content of the window will appear when clicking on the interactive element.
In common
Both data holders and trusted data holders use the same metadata standard, Health DCAT-AP, to describe the characteristics of the health data.
In common
Both data holders and trusted data holders may charge a fee for responding to a health data request or a health data access application. This fee covers the time and human resources required to prepare the health data. Infrastructure costs may not be charged.
In common
Both data holders and trusted data holders use the same metadata standard, Health DCAT-AP, to describe the characteristics of the health data.
Proposal for decision
The trusted health data holder shall submit the assessment it carries out, accompanied by a proposal for decision, to the health data access body within two months of receipt of the health data access application or health data request from the health data access body. Within two months of receipt of the assessment, the health data access body shall issue a decision on the health data access application or health data request. The health data access body shall not be bound by the proposal submitted by the trusted health data holder.
Tip:Interactivity is the key piece to capturing the interest and attention of your audience. A genially is interactive because your audience explores and engages with it.
In common
Both data holders and trusted data holders must make the requested health data available, as specified in the data application form, following the approval of this health data request or following the issuing of a data permit for a health data access application.
(Trusted) Data Holders
FPS Health
Created on May 20, 2026
Technical e-learning describing the differences between a data holder and a trusted data holder
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Essential Learning Unit
View
Akihabara Learning Unit
View
Genial learning unit
View
History Learning Unit
View
Primary Unit Plan
View
Vibrant Learning Unit
View
Art learning unit
Explore all templates
Transcript
Data Holders
According to the EHDS-Regulation
START
Who holds health data?
If you hold health data and you can make it available, you are considered a data holder under the EHDS Regulation. This Regulation also sets out the role of trusted data holders. Why are there two roles? Do they have the same duties and responsibilities?
Regulation
They look very similar...
... but are they really exactly the same?
Click on the red icons for more information
Data holder
Trusted data holder
Data holder
A health data holder is any institution or natural person that holds health data covered by the EHDS Regulation and is therefore required to make that data available for secondary use. These may be either public or private institutions.
Examples
Trusted data holder
A trusted health data holder is a special category of data holder that is authorised and able to take on additional tasks within the EHDS framework, in addition to its ‘standard’ set of responsibilities.
Examples
Common features
Both a data holder and a trusted data holder share a number of characteristics:
trusted data holders
Distinctive features
Trusted health data holders therefore have the same duties as health data holders. In addition to these duties, trusted health data holders have additional tasks and responsibilities:
trusted data holders
Working method
The health data access body (HDAB) may forward health data access applications and health data requests to the relevant trusted data holders. Trusted data holders shall:
More info
trusted data holders
Designation procedure
Member States may establish a procedure whereby health data holders can apply to be designated as trusted health data holders, provided the health data holders meet the following conditions:• they are able to provide access to health data through a secure processing environment; • they have the necessary expertise to assess health data access applications and health data requests; • they provide the necessary guarantees to ensure compliance with this Regulation.
Member States shall designate trusted health data holders following an assessment of the fulfilment of those conditions by the relevant health data access body.Member States shall establish a procedure to regularly review whether the trusted health data holder continues to fulfil those conditions. Health data access bodies shall indicate the trusted health data holders in the dataset catalogue referred to in Article 77. Further information on this designation procedure will follow shortly.
See article 77
QUIZ
CLICK TO START
Question 1/3
Quiz
Question 2/3
Quiz
Question 3/3
Quiz
Drag the cards showing responsibilities to the correct role.
Quiz
End of the quiz!
Continue
In summary
Every trusted data holder is a data holder, but not every data holder is a trusted data holder.
A trusted data holder has the same duties as a data holder, but the trusted data holder also has additional duties and responsibilities.
Infographic
Overview
Health Data Access Body (HDAB)
Trusted data holder
Data holder
The Health Data Access Body (HDAB) facilitates the secondary use of health data.It lists the trusted data holders in the national metadata catalogue. It decides whether or not to approve a health data request and whether or not to issue a data permit for a health data access application. The HDAB remains responsible for issuing the final data permit.
Trusted date holders hold health data and also take all necessary preparatory steps to make it available for secondary use. Because of their additional duties, they also have an added responsibility.
Health data holders hold health data and are taking all necessary preparatory steps to make it available for the secondary use of health data.
Course
Click here for the English course on the EHDS preparation tasks for industry
Show your interest
Are you interested in taking on the role of a trusted data holder, or are you still in the exploratory phase?
If so, please do fill in our survey. Your input will help us to better understand the needs and questions that exist and how we can support organisations in their next steps as effectively as possible.
Take the survey
Well done!
You now understand the difference between a health data holder and a trusted health data holder. You know why these different roles are important for secure and responsible data sharing. Dive into the other learning modules to learn more about the EHDS Regulation!
Examples
Typical examples of health data holders include hospitals and healthcare institutions, independent healthcare providers, laboratories, reimbursement services, registers and databases, government bodies, medical technology companies, medical software suppliers...
Did you know that...In Genially you will find more than 1,000 templates ready to customize your content and 100% customizable, which will help you tell your stories?
Potential candidates
Potential institutions that may be trusted data holders are the Federal Public Service (FPS) Public Health, the Intermutual Agency (IMA), the National Institute for Health and Disability Insurance (RIZIV-INAMI), and the Federal Agency for Medicines and Health Products (FAGG)...
Different
Trusted data holders must have the necessary capabilities to prepare the health data themselves to convert it into the required format as specified in the data application form. This involves minimising and pseudonymising or anonymising the requested health data.
In common
Both data holders and trusted data holders hold health data.
Different
Trusted data holders can provide access to health data within a secure processing environment (SPE).
Different
Trusted data holders can help reduce the administrative burden on the Health Data Access Bodies (HDABs).
Different
Data holders can prepare the health data themselves if they have the necessary capabilities to convert it into the required format as specified in the data application form. This preparation involves minimising and pseudonymising or anonymising the requested health data. If a data holder does not have the necessary capabilities, they can hand over the data to the HDAB who will do the data preparation for them.
In common
Both data holders and trusted data holders may charge a fee for responding to a health data request or a health data access application. This fee covers the time and human resources required to prepare the health data. Infrastructure costs may not be charged.
Article 77: Dataset description and dataset catalogue
1. Health data access bodies shall, through a publicly available and standardised machine-readable dataset catalogue, provide a description in the form of metadata of the available datasets and their characteristics. The description of each dataset shall include information concerning the source, scope, main characteristics, and nature of the electronic health data in the dataset and the conditions for making those data available. 2. The dataset descriptions in the national dataset catalogue shall be available in at least one official language of the Union. The dataset catalogue for Union institutions, bodies, offices and agencies provided by the Union health data access service shall be available in all official languages of the Union. 3. The dataset catalogue shall be made available to single information points established or designated under Article 8 of Regulation (EU) 2022/868. 4. By 26 March 2027, the Commission shall, by means of implementing acts, set out the minimum elements health data holders are to provide for datasets and the characteristics of those elements. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 98(2).
Definition of a data holder
Article 2 Definitions (t) mentions the following: 'health data holder’ means any natural or legal person, public authority, agency or other body in the healthcare or the care sectors, including reimbursement services where necessary, as well as any natural or legal person developing products or services intended for the health, healthcare or care sectors, developing or manufacturing wellness applications, performing research in relation to the healthcare or care sectors or acting as a mortality registry, as well as any Union institution, body, office or agency, that has either:
You can use this feature... To highlight super-relevant data. 90% of the information we assimilate comes through sight.
Different
The trusted data holders have the necessary expertise to assess health data requests and health data access applications submitted through a simplified procedure.
Different
The trusted data holders may make a recommendation as to whether or not to issue a data permit. However, the Health Data Access Body (HDAB) remains responsible for issuing such data permits.
In common
Both data holders and trusted data holders must make the requested health data available, as specified in the data application form, following the approval of this health data request or following the issuing of a data permit for a health data access application.
In common
Both data holders and trusted data holders hold health data.
Did you know that...The window allows you to add broader content. You can enrich your genially by incorporating PDFs, videos, text... The content of the window will appear when clicking on the interactive element.
In common
Both data holders and trusted data holders use the same metadata standard, Health DCAT-AP, to describe the characteristics of the health data.
In common
Both data holders and trusted data holders may charge a fee for responding to a health data request or a health data access application. This fee covers the time and human resources required to prepare the health data. Infrastructure costs may not be charged.
In common
Both data holders and trusted data holders use the same metadata standard, Health DCAT-AP, to describe the characteristics of the health data.
Proposal for decision
The trusted health data holder shall submit the assessment it carries out, accompanied by a proposal for decision, to the health data access body within two months of receipt of the health data access application or health data request from the health data access body. Within two months of receipt of the assessment, the health data access body shall issue a decision on the health data access application or health data request. The health data access body shall not be bound by the proposal submitted by the trusted health data holder.
Tip:Interactivity is the key piece to capturing the interest and attention of your audience. A genially is interactive because your audience explores and engages with it.
In common
Both data holders and trusted data holders must make the requested health data available, as specified in the data application form, following the approval of this health data request or following the issuing of a data permit for a health data access application.