MS31

Following the recent reflection by the Finnish Cancer Registry on how the “data access bottleneck”—rather than a lack of science—is the primary hurdle for improving cancer screening in Europe, the EUCanScreen project has taken a decisive step forward. With the publication of milestone MS31 (https://doi.org/10.5281/zenodo.20280867), authored by the Aragon Health Sciences Institute (IACS) within the framework of WP5, we document the technical and legal roadmap to ensure cancer screening leads to the era of the European Health Data Space (EHDS).

EHDS Regulation

The entry into force of the EHDS Regulation (EU) 2025/327 on March 26, 2025, marks a transformative shift in how Europe leverages health information. However, as revealed by our recent survey of pilot institutions, a significant “preparedness gap” remains. While a majority of participants are familiar with the regulation, a notable minority remains unaware, leading to a direct lack of institutional planning.

Bridging the Gap

The newly released report, “Documentation of the EHDS governance model and the proposed ELSI governance model and HealthData@EU methodology“ serves as a vital bridge between high-level regulation and operational reality. This milestone focuses on three core pillars:

1. Mapping Current Heterogeneity: Our survey confirms that while GDPR is the universal foundation, current screening governance is highly fragmented. Many systems still rely on manual data extraction or desktop-based processing (e.g., MS Excel and Access) that fail to meet the stringent security standards of the future EHDS.
2. An Integrated ELSI Framework: We propose an Ethical, Legal, and Societal Implications (ELSI) governance model to ensure that secondary data use is not only technically sound but also transparent, ethical, and equitable.
3. ASPIRE as a Technical Enabler: The Article 73 of EHDS mandates that personal electronic health data for secondary use must be processed within Secure Processing Environments (SPE) and cannot be downloaded. Our ASPIRE (Analytic Software Pipeline Interface for Reproducible Execution) solution is designed to meet these exact requirements.

ASPIRE: Bringing the Analysis to the Data

ASPIRE is at the core of the EUCanScreen solution. It facilitates the creation of Docker containers, the state-of-the-art technologies to ensure the reproducibility of computer applications results, to implement a federated analysis solution.. Rather than centralizing sensitive information—which triggers privacy concerns and sovereignty issues—ASPIRE “brings the analysis to the data”.

The workflow is compliant-by-design:

1. Secure Execution: ASPIRE containers are deployment-ready within national or regional SPEs to execute analyses locally where the data resides.
2. Non-Extraction Compliance: The pipeline processes personal data internally and outputs only anonymous, aggregated statistical results. This strictly adheres to Article 73(2) of the EHDS Regulation, which limits downloads to non-personal data.

A Consensus for the Future

The results of our validation are powerful: there is an overwhelming consensus among pilot participants that the ASPIRE architecture will effectively support organized and harmonized data processing within the EHDS framework.

With the publication of this report, EUCanScreen is not just identifying the barriers to data access highlighted by the Finnish Cancer Registry; we are providing the methodology and tools to overcome them. We are building the ecosystem necessary for cross-border collaboration that respects national data sovereignty while prioritizing the ultimate goal: reducing the burden of cancer across Europe.