The legal aspect of interoperability of cross border electronic health services: A study of the european and national legal framework

Abstract

Legal interoperability constitutes a prerequisite for the provision of high-quality cross border e-health services, like ePrescription and ePatientSummary. A review of EU legislation, policy initiatives and relevant judgments of the European Court of Justice (ECJ) and the European Court of Human Rights (ECHR) was held, concerning personal medical data. Four European social welfare systems, according to Esping – Andersen’s typology, were selected and a study of health policy in relation to the national legal framework regarding the data protection regulation is examined. A model of legal interoperability for cross-border eHealth services is proposed for policy makers at EU level based on the following major domains: protection and security of data, transparency and liability, further analyzed in multiple axes and combined with EU targets, policy priorities and basic European legal principles. This model could be viable because of the EU’s transnational existence, the coexistence of national and Community law, and the need of novel models of political governance under a unified regulatory and normative base.

Keywords

cross - border health care European Union legal interoperability personal data protection health systems

Introduction

Interoperability is the ability of organizations to interact towards mutually beneficial goals, involving the sharing of information and knowledge between these organizations, through the business processes they support, by means of the exchange of data between their ICT systems.^1,2 Several conceptual definitions of interoperability exist, such as in the following: (a) Healthcare Information and Management Systems Society, Inc. (HIMSS):,³ (b) Institute of Electrical and Electronics Engineers (IEEE),:⁴ (c) ISO/IEC 2382 Information Technology Vocabulary:⁵ and European Commission:.⁶

The overview of these proposals clarifies that the definition of interoperability evolves alongside technological innovation as well as the political and social requirements and is transformed to become the driving force for enhancing economic consolidation and growth, modernizing public administrations and governance. Moreover, according to the Interoperability Framework (EIF) v.2.0 draft issued by IDABC (2008), the necessary conditions for the success of interoperability at the cross-border level are:⁷

a. Legal interoperability, which includes the necessary synchronization of the legislation of the Member States cooperating, so that on the one hand the electronic data from any Member State have mutual recognition and legal weight in another Member State and on the other hand facilitate their public administration.

b. Political support, as it is necessary for effective cooperation, the parties involved must have compatible visions and be focused on the same goal. That implies that the parties working together to pursue the common goal provide political priority and resources on a continuous basis and use the same timelines, while any differences from the original plan are mutually agreed upon or at least properly coordinated and synchronized. At European level, the political framework that expresses the EU’s vision and political priorities related to interoperability is reflected in specific policy tools, such as the European Directives, the Ministerial Declarations, as well as the multi-year programs and action plans.

Legal interoperability is a prerequisite for providing high quality health services at a cross-border level. Achieving legal interoperability can remove potential obstacles, facilitate cooperation, improve the conditions and manner of health care and, above all, ensure the patient and provider of medical, criminal and civil liability issues. The modern age, the way of life, the globalization and the continuous movement of populations require the constant updating of the legislation, in order to correspond to the data and the developments of science. Alongside, the legislation is not a static, but a changing force of the state and society, capable of interpreting and resolving, shaping and adapting.

In this context, this work includes a review of the European legal framework for e-health services and patient cross-border care, associated with an investigation into the legislation of EU countries, in matters of protection and exchange of personal data and the explanation of the legal obstacles currently facing cross-border care. The findings will provide the minimum requirements for the adoption of a single transnational model, according to which safe and quality cross-border care will be possible.

This paper, also, focuses in an innovative way on the influence of health policy in the law making process and discusses traditional political science answers such as the degree of centralization of a country’s health system, its financial healthcare organization (Bismarckian or Beveridgian), the influence of international actors, or lack of resources, in relation to legal interoperability and taken into account the developments regarding the General Data Protection Regulation. Study of the level of legal interoperability between EU Member States in matters of protection and exchange of personal data, is presented, and is combined with the role of health policy in the legislative process. In summary, an explanation of the legal obstacles to cross-border care, the implications and potential risks to the achievement of legal interoperability is presented.

Interoperability as a necessary condition for electronic health services and the legal challenges of interoperability in cross-border electronic health services

Modern era is characterized by the freedoms provided by the single European market and have favored the continuous and easy movement of citizens for work, educational or leisure purposes, and the development of new forms of enterprise beyond national borders. At the same time multilingualism, the diversity of legal systems, the lack of European public services with common architectures and technical infrastructures, as well as security and privacy issues, accessibility problems and social inclusion are inhibiting factors for maximizing the social and economic potential of technologies Information and Communication Technologies (ICT). That indicates that interoperability is of particular importance for the implementation of EU policies and activities which will lead to European integration and therefore a political priority for European public service initiatives and its content is specified and analyzed through continuous guidance, strategies and contexts. Historically, it appears officially on the European Union’s political agenda in 1993, at the initiative of the then President of the European Commission, Jacques Delors, in the White Paper on Growth, Competitiveness, Employment - Challenges and Addressing the Transition to the 21st Century.⁸ Since then, ensuring coherent development and implementation of comprehensive and sectoral interoperability strategies, legal frameworks, guidelines, services and tools to comply with EU policy requirements has been pursued through legislative interventions and successive programs.

The analysis of the nature and the internal features of interoperability had been approached in many ways in recent years. Specifically, according to the European Interoperability Framework (EIF), interoperability can be studied in four layers: legal, technical, semantic and organizational, which lead to the integrated e-government of public services.^9,10 Later, on 2015, the refinement of EIF, namely ReEIF, had as a result the subdivision of the layer of organizational interoperability into the layer of Policy-making and Care process and the layer of Technical Interoperability which has subdivided into the layer of Applications and the layer of Technological Infrastructure¹¹ (Figure 1).

Figure 1.

Refined eEIF (ReEIF) model.¹²

Developments in information and communication technology in Member States of the EU have resulted in the proliferation of incompatible health systems and services, which creates problems for the mobile population who cannot directly receive safe and high-quality healthcare outside the country of residence and healthcare professionals who are unable to provide the necessary services to this population. This initiative aims to achieve the objectives of the Lisbon Strategy, by building up the European Information Society and encouraging the provision of better public services, including eHealth, as its lack is one of major obstacles to implementation of social and economic benefits of eHealth in the Community.¹³

The implementation of these strategic guidelines, due to the specificity of the data concerned appertains to the safeguard clause of Article 8 of the Charter of Fundamental Rights of the European Union.¹⁴ The accomplishment of the goals of e-health strategies requires the synchronization and modernization of national laws in order to create a framework for greater legal certainty, not only in terms of data transfer, but also in terms of identification, professional accreditation, responsibility for diagnosis and care, as well as administrative matters such as the right to reimbursement, the mutual recognition of professional qualifications and the very complex issue of the right to care.¹⁵

Alongside, e-Health is part of the e-Europe strategy, as it has the potential to support the new model of health care provision, characterized by citizen-centric architecture, as the citizen is the ultimate recipient, judge and consumer of all services and applications.¹⁶ The key elements of the e-Health strategy imply significant legal issues, which need to be addressed and solved, with a view to achieving interoperability of systems and maximizing the benefits.

In particular, European Interoperability Framework defines “legal interoperability” as the legislative basis for interoperability, which is achieved by providing compatible regulations on privacy and access control.¹⁷ Furthermore, the Thematic Network CALLIOPE proposes an integrated model for the interconnection of national and European activities in the field of interoperability.¹⁸ As far as legal issues are concerned, the CALLIOPE network proposes the idea of a credible European area for e-health, where national reliable “health data exchange” environments are interconnected via national nodes. European Union has co-funded the large-scale epSOS pilot project, which focuses on developing a trustworthy area through the implementation of framework agreements that facilitate secure access to patient health information between different health systems on issues of interoperability of the summary patient and e-prescription.¹⁹ The legal challenges facing interoperability are faced also in the eHDSI framework.^20,21

The legal framework in cross border health services in European Union

The fundamental freedoms of movement (free movement of persons, goods, services and capitals) on which Europe was built following the Maastricht Treaty are an essential part of European law, as developed through the case law of the Court of Justice of the European Communities and incorporated into primary and secondary EU legislation. Their implementation aims to ensure those safeguards which are considered essential to the achievement of the EU’s objectives and principles as they have been documented in various EU treaties, such as the Treaty of Rome (1957), the Single European Act (1986) the Treaty on European Union (1992), the Treaty of Amsterdam (1997) and the Treaty of Nice (2001), with the result that any derogation and circumvention is unacceptable as it is incompatible with their intrinsic value.

The European Court of Justice has clarified the conditions under which patients may be reimbursed for healthcare provided in a Member State other than that of the patient’s Member State of affiliation. Community law also provides that citizens' acquired rights to healthcare in a Member State are recognized when they move to another Member State. However, in practice it is often not just a matter of exercising these rights for citizens. However, this has implications for the health services and medical care of both the country where they are insured and the country in which the care is provided. Although healthcare and medical care fall primarily within the domain of Member States, cooperation at European level has great potential to deliver benefits for both individual patients and health systems.²² At the same time, the use of information technologies offers great potential to patients, professionals and health systems in gener al. In this context, serious data protection issues and data sharing between Member States and at EU level, where privacy is recognized as an aspect of privacy protection, are raised in accordance with Article 8 of the European Convention on Human Rights protection referred to the Article 6 (3) of the Treaty of European Union, which emphasizes the binding nature of fundamental rights which derive from the “ECHR” and the constitutional traditions of the Member States. This “constitutional” obligation is also emphasized in the preface (point 10) of Directive 95/46/EC, which states that the protection of privacy as defined in article 8(1) of the ECHR is the most important purpose of the national legislation on the protection of personal data. Furthermore, the Article 16 of the Treaty of Lisbon expressly recognizes the positive obligation of the institutions and of the EU Member States to protect their personal data, horizontally, in the whole of EU policies. At constitutional level, the most important development in the EU is the consolidation, in Article 8 of the EU Charter of Fundamental Rights, of the right to the protection of personal data as an autonomous, fundamental and new generation right, emerged due to globalization and technology. Furthermore, in the Charter, which has been validated by the Treaty of Lisbon, a number of principles guaranteeing the protection of personal data, such as legitimate and legitimate public interest treatment, the need for consensus of the subject and the protection of the person by an Independent Authority are stipulated.²³

Methodology

The legislative initiatives of the states in the field of health have always been related to the national policy pursued, its priorities and directions. In modern European societies national legislative production is directly dependent on the rate of national convergence in European policies and the transition to the information society. This happens due to the influence of international and supranational organizations, such as the European Union, the United Nations, the OECD, etc., as well as in the light of the Charter of Fundamental Rights and other important European texts, as interpreted by the case law of the Court of the European Communities and the European Court of Human Rights. This pace, however, is fully linked to the general administrative, economic and social situation of each state and is its dynamic energy towards change and development. Therefore, since the planning of political health is intertwined with the planning of public policy, it depends directly on the structure of the political system, which classifies the resources of political players and shapes their dynamics, directly influenced by the motivations of different players in political dashboard, institutional and historical environment, active participation or passive acceptance of common events and related actions. At the same time “human motivations - the inner desires or preferences that motivate behaviors and actions - play a central role in both design and implementation of public policy.".²⁴ In addition, legislation, as well as health policy, can be analyzed in the light of the figure below, according to which “actors” play a key role in shaping it, which refers to the figure below as “content” (content). The political “process”, which is related to the processes and design of the policy, together with the “content” and the “actors” are the “context.²⁵

The methodology of the study has been organized in two major axes.

Axe 1: Review of the European legal framework.

Axe 2: National health policy and national legal frameworks.

These axes were used in order to shape the legal interoperability model, as seen in Figure 2, which is the scope of this study.

Figure 2.

Legal interoperability model.

Axe 1: Review of the European legal framework

Firstly, a systematic review of the European legal framework of cross border healthcare as well as European case law on issues concerning cross border health care was realized. The sources for this review were legal information databases, such as the Hellenic NOMOS, the database of the Court of Justice of the European Union and the HUDOC database (European Court of Human Rights). The legal framework on cross border health care in Europe is based on the general legal principles which are defined in the European Convention of Human Rights, the Treaty of Maastricht, the Treaty of Lisbon and the Charter of Fundamental Rights of EU, as well as on the specific EU Regulations and Directives, such as the Regulation (EEC) No 1408/71 of the on the application of social security schemes to employed persons and their families moving within the Community,²⁶ the Regulation EU 883/2004 on the coordination of social security systems,²⁷ the Directive 95/46/EU on the protection of individuals with regard to the processing of personal data and on the free movement of such data,²⁸ the Directive 2002/58/EU concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications),²⁹ the Directive on the application of patients’ rights in cross-border healthcare and the Regulation 2016/679/EU on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).³⁰ The review of the European Case Law is briefly presented in the Tables 1 and 2.

Table 1.

Basic European case law on healthcare affairs - European Court of Justice - European Union Civil Service.

Nr	Court	Case number	Legal context	Prosecution
1	Court of justice	Commission v. Germany Case C-562/10 ³²	Reg. 1408/71	-Failure of a member state to fulfill its obligations - Infringement of Article 56 TFEU - National legislation on the insurance of non-self-employed persons, which, in the case of an insured person’s temporary stay in another member state, limits the entitlement to care allowance to 6 weeks, excludes reimbursement of the costs of hiring out the care equipment that the reimbursement of the costs of care in kind in the member state of residence does not apply to the same rate as when special care is provided in Germany
2	Court of justice	The Queen, on the application of: Yvonne Watts v. Bedford Primary Care Trust, secretary of state for Health. Case C-372/2004³³	Article 22 of regulation No 1408/71	-Reference for a preliminary ruling - Court of Appeal (Civil Division) - Interpretation of Articles 48, 49, 50, 55 and 152 (5) EC and Article 22 of regulation (EEC) No 1408/71. Conditions for reimbursement of hospital costs provided without prior authorization in a member state other than that of the competent institution
3	Court of justice	Aikaterini stamatelaki v. (Insurance Institution for the Liberal Professions; ‘the OAEE’ Case C-444/2005³⁴	- Article 22 of Council regulation (EEC) No 1408/71. - Article 49 EC	Reference for a preliminary ruling: Administrative Court of First Instance of Athens - restrictions on freedom to provide services - reimbursement of hospital costs incurred in private hospitals - justification and proportionality of the refusal to pay
4	Court of justice	Manuel Acereda Herrera v. Servicio Cántabro de Salud C- 466/2004³⁵	The interpretation of Articles 22 and 36 of Council regulation (EEC) No 1408/71	- Reference for a preliminary ruling - Tribunal superior de justicia de Cantabria, santander -Replacement of costs travel and accommodation by the institution that approved the hospitalization abroad. Freedom to provide services - Discrimination on grounds of nationality. - Compatibility of national legislation with Articles 81 EC, 82 EC and 87 EC.
5	Court of justice	Mr Ioannidis v. Greek Social Insurance Institute “The IKA” C-326/2000³⁶	The interpretation of Articles 31 and 36 of Council regulation (EEC) No 1408/71	- Social insurance - Hospital care of pensioner during his stay in a member state other than the state where he resides. - Conditions for the assumption of hospital costs
6	European Union Civil Service Tribunal (First Chamber)	Case F-46/09³⁷	-Directive 95/46/EC. -Regulation 45/2001	Civil service – Contract staff – Conditions of engagement – Whether physically fit – Pre-recruitment medical examination – Protection of individuals with regard to the processing of personal data – Medical confidentiality – Transfer of medical data between institutions – Right to respect for private life

Table 2.

Basic European case law on healthcare affairs - European Court of Human Rights.

1	ECHR	Case of M.S. v. SWEDEN JUDGMENT of 27 Aug 1997³⁸	Violation of articles 6,8,13 of the convention	Sweden – communication, without the patient’s consent, of personal and confidential medical data by one public authority to another and lack of possibility for patient, prior to the measure, to challenge it before a court
2	ECHR	Radu v. The Republic of Moldova JUDGMENT 15 April 2014³⁹	Violation of Article 8 of the Convention	Moldova - had failed to fulfill its obligation to secure respect for the private life of the applicant as a result of the disclosure by a State-Owned hospital of information concerning her medical condition without her consent
3	ECHR	Roche v. United Kingdom JUDGMENT 19 October 2005⁴⁰	Violation of Articles 8 & 10 of the Convention	United Kingdom – the applicant claimed that he had inadequate access to information about the effects of his exposure to toxic chemicals during tests carried out on him at Porton Down Barracks in 1962 and 1963

According to the table below, jurisprudence has adopted the key features of Community legislation to coordinate social security systems such as improved protection of the rights of trafficked citizens, the principle of simulating events and enhanced cooperation between agencies. Particular emphasis on the proper implementation of procedures for the reimbursement of medical expenses between Member States, the recovery or offsetting of granted and unpaid benefits, the electronic exchange of information and the access of the mobile citizen to social security benefits.

In addition, the inference that can be drawn from the overview is that the case law of the European Court of Justice relates Directive 95/46 to the general principles of law and, thus, to Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms, signed in Rome on 4 November 1950 (ECHR). It has also ruled that Directive 95/46 constitutes a compromise reached by the legislature between the various fundamental rights involved.

In particular, in the decision of Google Spain and Google,³¹ the Court stressed the importance of the practical effect of Directive 95/46 and the effective and complete protection of the freedoms and fundamental rights of natural persons which it intends to safeguard, in particular the right to respect for privacy life, against the processing of personal data, a right to which this directive attaches particular importance.

In this regard, the Court has already ruled that the provisions of Directive 95/46, as they govern the processing of personal data which may lead to an infringement of fundamental freedoms and, in particular, the right to privacy, must be interpreted in light of these fundamental rights, which, according to established case law, are an integral part of the general principles of law, the observance of which is guaranteed by the Court, and which are now recorded in the Charter.

In particular, in the judgment of Google Spain and Google, the Court noted that the Article 7 of the Charter guarantees the right to respect for privacy, while Article 8 of the Charter explicitly declares the right to the protection of personal data and that paragraphs 2 and 3 of Article 8 specify that the processing of such data must be lawful, for specified purposes and with the consent of the person concerned or for other legitimate reasons provided by law, that each person has the right to access the collected data and ask their correction and that the observance of the above rules is subject to the control of an independent authority.

Further inferences can be drawn from the case F-46/09, in which the European Union Civil Service Tribunal (First Chamber) ruled that the right to respect for privacy, which is enshrined in Article 8 of the ECHR and derives from the common constitutional traditions of the Member States, is one of the protected fundamental rights within the legal order of the Union. It includes, in particular, the right of the individual to safeguard the confidentiality of his health, infringement on the private life of the person concerned, whatever the subsequent use of the information thus disclosed. In addition, fundamental rights have been deemed to be subject to restrictions, provided that these restrictions actually serve the purposes of the general interest and do not constitute, in view of the intended purpose, an excessive and impermissible interference with the very essence of the right to security. In this regard, Article 8 (2) of the ECHR must be taken as a reference point. Under this provision, the intervention of a public authority in private life may be justified to the extent that i) “is provided for by law”, ii) pursues one or more of the purposes listed in the ECHR and iii) is “necessary” to achieve it for these purposes. However, the scope of this margin depends on a number of factors, including the nature of the included right in the ECHR, its significance for the person concerned, the nature and purpose of the operation. This margin tends to be limited where the right in question is vital to the substantial enjoyment of individual or fundamental rights. When particularly important aspects of a person’s existence or identity are at stake, the scope provided to the state is limited.

Axe 2: National health policy and national legal frameworks

As a second step we approached the formation of the national legal frameworks on health affairs through the aspect of the national followed health policy. This choice was made because the Welfare State as well as the industrial relations systems have been established in Europe after the war in the national states, undergoing strong pressures from industrialization, the rise of capitalism, workers' mobilizations, and the inherent differences due to different structures and forces, such as these emerged from historical, political, economic and social developments. These factors contributed decisively to the formation of the welfare state, creating both common policies and national specificities, so that these characteristics could be the subject of an analysis of comparative social policy, which develops interpretative tools to interpret current data and address future challenges, in the form of “models”, which group the welfare states according to their common elements. It is generally accepted that the central idea of a welfare state consists in the social status of the citizen, which is determined by the de-commutation of the individual’s position towards the market, the dynamics of the welfare state as a stratification system and the interaction of its activities state, the market and the family in social benefits. As a condition the social state responds to a specific, historically defined form of organization of the relation between state and society and expresses the constitutional, legislative and organizational standardization of the state’s provisioning and regulatory mechanisms and relies on a single central authority, a centralized budgetary mechanism of concentration and redistribution of resources and the single labor market, which allow modern states to intervene and regulate social processes and market distortions the benefit of the weaker layers by redistributing income and social resources. In the study the models and regimes of social policy according to Titmuss, Esping – Andersen⁴¹ and Ferrera⁴² as well as the models of health systems (Bismarck, Beveridge and Liberal model) were used as comparative data in order to approach and select the countries that formed the sample of the study. According to these elements we chose four European countries (Table 3) which follow different national health policies and have organized their health systems on different theoretical, administrative and economical base in order to focus and compare the legal framework on the protection of personal data as a prerequisite of the interoperability in cross border health services.

Table 3.

Country sample.

Country	Government	GDP (2017)	Healthcare system	Social policy model
Greece	Unitary parliamentary republic	289,398 b. $	Bismarck& Beveridge	Southern model
France	Unitary semi-presidential republic	2.733,678 b. $	Bismarck	Conservative model
Sweden	Unitary parliamentary constitutional monarchy	498,121 b. $	Beveridge	Social democratic model
Poland	Unitary semi-presidential republic	1.054,132 b. $	Bismarck	Post – Communist model

The review on the national legislation of the sample countries has demonstrated the catalytic influence of the EU at institutional, social and political level despite the degree of centralization of a country’s health system and its financial organization (Bismarckian or Beveridgian). The level of protection of personal data in European countries, as shown in Table 3, is high, with special treatment and safeguards in respect of sensitive personal data. The protection of personal data and respect for privacy are important fundamental rights and, in view of globalization and the digitization of services, a balanced approach needs to be reached between strengthening security and safeguarding human rights, including the protection of privacy data and privacy. European legislation appears to be at a common starting point and to some extent follow a common course with regard to privacy policies. Moreover, prioritizing their protection, as demonstrated by the introduction of Regulation 2016/679, demonstrates the particular importance the EU attaches to the issue, as the reform of the protection of personal data in the EU will strengthen the rights of citizens by giving them better control of their data and ensuring that their privacy continues to be protected in the digital age. In fact, the adoption of the Regulation, in conjunction with the individual national legislative framework (as it does not contradict the content of the Regulation), will provide the basis for achieving legal interoperability in cross-border health services and will bring together two key objectives, on the one hand, the development of the internal market and, on the other, the protection of the fundamental right of personal data (Table 4).

From the overview of the applicable European legal framework and case law important conclusions can be drawn. The main purpose of the case law of the European Court of Justice is to ensure the effective coordination of cases involving social security systems in all Member States. The jurisprudence is a reference point in the field of coordination of the social security systems of the Member States, as it interprets European legislation, significantly facilitates the lives of European citizens who can more easily exercise their right to freedom of movement within the European Union and strengthens co-operation obligations between social security administrations.

Proposed model of legal interoperability

It must be recognized that politics is the most important driving force for achieving interoperability and the institutional transformation of societies. Policy defines institutional planning, sets the limits of democracy and legitimacy, shapes the nature, influence and effectiveness of national and supranational law. However, taking a political decision is the result of a series of ideological, economic, social and legal factors and issues. In the case of health policy making, the decision may be influenced by the general and specific characteristics of the health system, its source of funding, the degree of centralization or decentralization of the system, the budgetary implications and the degree of political influence of the decision. From this aspect the legal interoperability model can be shaped as shown previously in Figure 2.

The major concern that arises from the above results is whether the law can be an obstacle to achieving legal interoperability. In order to answer to this question, we must define the framework in which legal interoperability will work, as well as the facts that are indisputable.

Fact 1: European Union is an “autonomous territory of law’’.

Fact 2: The EU’s stature is based on the sovereign will of the States and on the fact that the States are ultimately the owners of the Treaties in order to be bound by them in principle and unable to refuse their application unless they have denounced them and have not left, (but formally retain the right of withdrawal).

Fact 3: One of the basic legal principles proclaimed by the ECJ is the primacy of Community law over the law of the Member States.

Fact 4: In many judgments, the Court ruled that the primacy of Community law was a prerequisite for achieving legal interoperability, which in many cases triggered the reaction of national judges.

The solution to this problem could come through the “dialogue” between the European and national judges, which can lead to the reconciliation and compatibility of the two legal worlds, can ensure the application of the law in order to guarantee legal interoperability between all Member States.

The proposed model of legal interoperability in cross border e-health services should take account of the internal and external environment (process, participants, legal factors, political, geographic and epidemiological), as well as basic functions that need to be met in order for the legal interoperability model to contribute to integrated eGovernment. The model should be structured on three major pillars: a. Protection and security of data, b. Transparency and c. Civil liability. These pillars will be subdivided, into axes as follows on Table 5:

Table 4.

Legal framework in four EU sample countries.

Countries	Axes of the study
Countries	General legal framework	Specific principles and rules for the protection of personal data	Rights of the individual	Cross-border data transfer
GREECE	• 9A of the Constitution • Law 2472/1997 • Specific Laws	• Legitimacy • Proportionality • Feasibility • Consent • Independent Authority • Special treatment of sensitive data	• Notification • Access • Objection • Correction/Deletion • Temporary judicial protection	Permissible under conditions
FRANCE	• Law 78/71 • Law 2016-1321 (Digital Republic) • Specific Laws	• Legitimacy • Proportionality • Feasibility • Consent • Independent authority special treatment of sensitive data	• Notification • Access • Objection • Correction/Deletion • Determination of the use of data after death	Permissible under conditions
SWEDEN	• Data Act 1973 • PPersonal Data Act 1998 • DDecree 1998: 1191 on personal data • SSpecific Laws	• Legitimacy • Proportionality • Feasibility • Consent • Independent authority special treatment of sensitive data	• Notification • Correction/Deletion	• Permissible under conditions. • Bulk internal binding agreements should be approved by the Authority as Sweden does not participate in the mutual recognition process
POLAND	• Article 51 of the Constitution. • Law 1997. • Specific Laws and rules	• Legitimacy • Feasibility • Consent • Independent authority special treatment of sensitive data	• Notification • Objection • Correction/Deletion	Permissible under conditions

Implications and potential risks

The European Union as a supreme source of law

It’s indisputable that transnational law enables different legal systems to cooperate, but it can also act as a brake on interoperability, as the international legal order is still based on the sovereign state concept, which is traditionally based on the power of the state to establish and applies its own legal rules. However, the fact that international law - as enshrined in treaties and conventions - is not a new concept, the emergence of a supranational organization, given the effective enforcement force, is definitely an innovation. This is because when Member States validate the conditions that give the EU the power to activate and apply its own rules and laws within their sphere of competence, they voluntarily repudiate a significant part of their national sovereignty, especially in cases where an EU legislative initiative violates a fundamental constitutional principle of a member state.

The process of establishing the European Communities was based on the conventional rules of international public law and was based on the sovereign will of the States. The international treaty is the only confirmation and establishment of state sovereignty. Therefore, the EU’s international law origin shows that its status is still based on the sovereign will of the States and that states are ultimately the owners of the treaties (les maîtres de traités) so as to be bound by them in principle and unable to deny if they have not denounced them and have not withdrawn, they formally retain the right of withdrawal as a confirmation of their sovereignty, although the exercise of such a right appears to be extremely difficult to politically impossible.⁴³ At the same time, with regard to the EU, the uniqueness and unrepeatable in the history of nations lies in the fact that while the European Communities were created by the means of international law and based on the will of the states, the international organization that was constructed is an original “legal construct” which lapses from the standards of international law, since it has its own, independent entity and personality, is equipped with decisive powers and powers of legislative and judicial nature and with institutions per reasons to activate them. In essence, it is an autonomous “territory of law” which, although it emerged from the exercise of state sovereignty, has not been equipped with its own sovereignty, except for the “regulatory”, since it can be reproduced as an autonomous regulatory entity with its own law-enforcement and judicial mechanisms, with the law as the sole expedient for achieving its objectives.⁴⁴

The role of the national Judge

The growing supremacy of Community law over national law has been supported by the case law of the European Court of Justice (ECJ), which has relied on the “teleological interpretation” of the Treaty on European Communities. In particular, in cases where the Court has had difficulty in interpreting a provision of the treaty, it has interpreted the overall context of the provision in order to establish its exact meaning. This method, which in theory is also referred to as “judicial activism”^45,46 led the Court to issue important principles, which are not specified in detail by the treaties. Among the basic legal principles declared by the Court was the supremacy of Community law over the law of the Member States. In fact, in 1964, in a landmark decision, the Court ruled that “with the creation of the European Community, Member States have limited their sovereign rights and created a legislative body that connects their nations and themselves ... The law is suspended by the treaty, an independent source of law and, due to its special and authentic nature, cannot be set aside by national legal provisions without depriving it of the character of Community law and without questioning the legal basis of the community at large.“.⁴⁷ Similarly, in 1978, in the Simmenthal decision,⁴⁸ the Court further advanced the judicial reasoning, concluding that the supremacy of Community law also applies to national constitutions. Essentially, through the above decisions, the Court has made the supremacy of Community law a precondition for achieving legal interoperability.

Table 5.

Pillars and axes of legal interoperability model.

Pillar	Axes
Protection and security of data	Consent Transparency Implementation of appropriate organizational and technical measures Ensuring a level of security Ensuring basic rights of a subject Disclosure of a breach of data Mutual cooperation between States Cross-border data transfer agreements
Transparency	Identification of patient health professionals and providers. Development of policies for rational data management. Development of monitoring units for the implementation of legal interoperability at cross-border level
Civil liability	Transparency and proportionality in the imposition of fines and penalties. Strengthening and respecting patients' rights. Constant checking of the compatibility of electronic records with European legislation

At the same time, however, the position of national judges was contrary to the above interpretation of the supremacy of Community law, as they believe that the national constitution and fundamental national law are supreme rules, rather than regimes where the rule of law is based on principle of absolute national sovereignty. Nevertheless, the political will was such that when and where judges deemed it necessary, the constitutions were revised to recognize the constitutional nature of Community law and to allow the targeted transfer of more sovereign powers to the EU. In this way, an important obstacle to legal interoperability was resolved, but additional legal concerns arose, mainly related to the consequences of the supremacy of Community law. A typical example is the case of the German Constitutional Court, which in 1974 argued that although German law allows the transfer of sovereign powers, the European Court of Justice does not trust the necessary re-examination of EU law, given that its conditions did not provide any protection of fundamental rights, with the result that the German Court ruled that it did not waive its right to uphold fundamental rights under national law in the event of a conflict with Community law. Since then, the dialogue between the EU and the national judge has emerged as an ad hoc solution to the legal hurdles, through which the reconciliation and compatibility of the two legal worlds is possible, to ensure that the implementation of Community legislation guarantees legal interoperability between of all Member States. This ongoing dialogue proves that the establishment of a supranational legal order is a viable way to achieve legal interoperability between different national legal classes, but at the same time may conflict with its fundamental legal bases and principles. As predicted, the law itself is usually an obstacle to legal interoperability and unfortunately there is no simple answer to this problem. On the contrary, the example of the EU proves that when the political framework requires further legislative integration, the “big step” is always on the part of trained, progressive and visionary judges, who through their legal judgments allow finding the right legal solutions and applications in order to facilitate the achievement of interoperability.

Conclusion

In the modern globalized environment, the concept and protection of national sovereignty may belong to the past, but the defense of national identity and constitutional specificity is timely as states - nations are called into question by increasingly interconnected economic, cultural and technological trends.⁴⁹ Legal interoperability is a particularly complicated issue, and the cost of “non-interoperable” laws on an ever-interconnected planet is growing. In this context, is more than ever necessary to design and implement new models of governance and institutional frameworks that will allow governments, organizations, businesses and citizens to cooperate without real or institutional borders. The European Union is an interesting example of a transnational entity linking different historical, political, institutional and economic countries through a complex institutional framework based on the development of tools and organizations that seek to create a stable framework for legal interoperability. Besides, the EU is still in a state of transition where it is called upon to slowly and firmly build its institutions of democratic governance and to guarantee individual, social and political rights as a unified and inseparable unity of all those residing and working in the European territory while accepting influences from a variety of current political problems - milestones, such as the debt crisis in Greece, or the exit of United Kingdom.

Therefore, the new models of civilian governance must operate through the diffusion of political power at multiple centers and levels, supported and communicated by a unified regulatory and authoritative web, in order to enable the shaping of a European, public, political sphere, to overcome legal obstacles.

Footnotes

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) received no financial support for the research, authorship, and/or publication of this article.

ORCID iDs

Christina Ntafi

Panagiotis Bamidis

References

Pollock

Hodgson

. Adaptive information – Improving business through semantic interoperability, grid computing and enterprise integration. Wiley Interscience, 2004, pp. 73–74.

European Commission . Proposal for a DECISION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL establishing a programme on interoperability solutions for European public administrations, businesses and citizens (ISA2) Interoperability as a means for modernising the public sector. COM(2014) 367 final/2, Brussels, 28.7.2015, 2014.

HIMSS . The HIMSS 2013 definition of interoperability, 2017.

IEEE . Standards glossary, 2016.

ISO 15926-2:2003(en).

Proposal for a DECISION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL establishing a programme on interoperability solutions for European public administrations, businesses and citizens (ISA2) Interoperability as a means for modernizing the public sector. COM/2014/0367 final.

IDABC . Draft document as basis for EIF 2.0. European Communities. 2008.

Commission of the European Communities, White Paper . Growth, competitiveness, employment. The challenges and ways forward into the 21^st century. COM(93)700.

Chen

Doumeingts

Vernadat

. Structures for enterprise integration and interoperability: past, present and future. Comput Industry 59(2008): 647–659.

10.

Berre

The ATHENA interoperability framework. In: Gonçalves

Müller

Mertins

, et al (eds) Enterprise interoperability II. London: Springer, 2007. pp 569–580.

11.

Refined eHealth European interoperability framework. Brussels: eHealth Network.

12.

European Commission . COMMISSION RECOMMENDATION of 2 July 2008 on cross-border interoperability of electronic health record systems. (2008/594/EC), 2008.

13.

COM (2010) 744: COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS Towards interoperability for European public services.

14.

Charter of fundamental rights of the European Union . Official Journal of the European communities (C 364/200).

15.

European e Health Interoperability Roadmap . Final European progress report. Calliope Network. European Commission. December 2010.

16.

Petersen

Bertelsen

. Citizen personas: exploring challenges of citizen-centric eHealth. Studies in Health Technology and Informatics, Vol. 210. Digital Healthcare Empowering Europeans, pp. 582–586.

17.

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS eHealth Action Plan 2012-2020 - Innovative healthcare for the 21st century. EUROPEAN COMMISSION Brussels, 6.12.2012 COM(2012) 736 final.

18.

Calliope Thematic Network, EU eHealth Interoperability Roadmap. 2010: Brussels.

19.

epSOS, D3.3.3 epSOS Interoperability Framework. 2010.

20.

Stroetmann

. United in Diversity: legal challenges on the road towards interoperable eHealth solutions in Europe. EJBI. Vol. 8, 2012.

21.

https://ec.europa.eu/cefdigital/wiki/display/EHOPERATIONS/eHDSI+Mission.

22.

European Commission . Communication from the Commission: Follow up to the high level reflection process on patient mobility and healthcare developments in the European Union, 2004.

23.

Consolidated version of the Treaty on the Functioning of the European Union - Protocols - Annexes - Declarations annexed to the Final Act of the Intergovernmental Conference which adopted the Treaty of Lisbon, signed on 13 December 2007.

24.

Le Grand

. Motivation, agency, and public policy: of knights & knaves, pawns & queens. Oxford: Oxford University Press.

25.

Walt

Gilson

. Reforming the health sector in developing countries: the central role of policy analysis. Health Policy &Planning 1994; 9: 353–370.

26.

Regulation (EEC) No 1408/71 of the Council of 14 June 1971 on the application of social security schemes to employed persons and their families moving within the Community.

27.

Regulation (EC) No 883/2004 — on the coordination of social security systems.

28.

Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

29.

Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).

30.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

31.

EU:C:2014:317.

32.

Judgment of the Court (Second Chamber) of July 2012 in case C-562/10.

33.

Judgment of the Court (Grand Chamber) of 16 May 2006 in case C- 372/04.

34.

Judgment of the Court (Second Chamber) of 19 April 2007 in Case C-444/05.

35.

Judgment of the Court (First Chamber) of 15 June 2006 in Case C-466/04.

36.

Judgment of the Court of 25 February 2003 in Case C-326/00.

37.

Judgment of the Civil Service Tribunal (First Chamber) of 5 July 2011.

38.

European Court of Human Rights. M.S. v . Sweden - 20837/92. Judgment 28.08.1997.

39.

European Court of Human Rights . Radu v. The Republic of Moldova -50073/2007. Judgment 15.05.2014.

40.

European Court of Human Rights . Roche v. United Kingdom - 32555/96.

41.

Gosta Esping – Andersen . Three worlds of welfare capitalism. Princeton, NJ: Princeton University Press, 1990.

42.

Ferrera

. The Reform of the Social state in Southern Europe. In Matsaganis

(ed.) Perspectives of the social state in Southern Europe (Athens: Ellinika Grammata) (in Greek), 1999.

43.

MacCormick

. The Maastricht- Urteil: Sovereignty Now, Eur L J 1995; 3: 259–266.

44.

Cannizzaro

. 'Esercizio di competenze e sovranita` nell'esperienza giuridica dell'integrazione europea. In Rivista di diritto costituzionale, 1996, p. 105.

45.

Paul

. Craig & Gráinne de Búrca, EU Law: Text, Cases, and Materials 74. Cambridge: Oxford University Press, 2008.

46.

Case 6/64, Flaminio Costa v . ENEL, 1964 E.C.R. 00614. http://eurlex

47.

Case 6/64, Flaminio Costa v . ENEL, 1964 E.C.R. 00614.

48.

Judgment of the Court of 9 March 1978.Amministrazione delle Finanze dello Stato v Simmenthal SpA, ECLI:EU:C:1978:49.

49.

Weiler

JHH

. Fédéralisme et constitutionalisme: le Sonderwerg de l' Europe. In: Une Constitution pour l' Europe. Presses de Sciences Po, 2002, p. 165.