Opt-Out Health Data Governance: Comparing Germany’s and France’s Regulatory Models

The ability to reuse routinely collected healthcare data has become a central aspect of modern clinical research and real-world evidence (RWE) generation. Across Europe, governments are reforming their legal frameworks to enable large-scale health data analysis while maintaining strong protections for patient privacy and individual rights. Two particularly instructive examples are Germany and France.

While both countries operate under the European General Data Protection Regulation (GDPR) and are preparing for the implementation of the European Health Data Space (EHDS) (1), their national governance models for secondary use of health data have historically followed different paths. Germany has recently introduced an opt-out model linked to the electronic patient record, Elektronische Patientenakte (ePA), and the Health Data Usage Act (2, 3), while France relies on a regulatory authorization framework supervised by the national data protection authority (Commission nationale de l'informatique et des libertés, CNIL) (4, 5).

Comparing these two approaches illustrates the evolving balance between individual control, regulatory oversight, and the growing demand for large health datasets to support research and innovation.

Germany: From Opt-In to Opt-Out Electronic Patient Records

Historically, the development of digital health infrastructures in Germany progressed slowly compared with other European countries. The legal framework placed strong emphasis on explicit consent for health data processing beyond direct care, meaning that many research projects required patients to actively provide consent before their data could be reused (6). While this approach strongly protected individual autonomy, it created substantial barriers to large-scale observational research. Cohort studies often had incomplete participation, and datasets were not always representative of the population receiving care. This situation limited the country’s ability to generate robust RWE and to advance RWE research.

The debate intensified as other European countries demonstrated the scientific value of large health databases built from routine care data. Scandinavian countries such as Denmark, Sweden, and Finland have long operated national health registries that allow researchers to analyze longitudinal patient outcomes at population scale. These infrastructures made it possible to conduct influential pharmacoepidemiological studies, evaluate long-term safety of medicines, and monitor healthcare quality. German policymakers began to see the lack of comparable infrastructure as a disadvantage for clinical research and for the development of innovative therapies (7).

At the same time, the European regulatory environment evolved, with the EU promoting the secondary use of health data as a key component of digital health policy, culminating in the development of the EHDS (1). Within this broader European context, Germany faced growing pressure to modernize its data governance framework.

In January 2021, Germany introduced the Elektronische Patientenakte (ePA) under an opt-in model, requiring patients insured through statutory health funds to actively request the creation of their electronic record. Uptake under this system was extremely low, with fewer than 1% of insured individuals activating an ePA by 2023 (2, 8, 9). This limited adoption highlighted the challenges of scaling digital health infrastructure under an opt-in framework and prompted policymakers to reconsider the approach. In 2023, legislation transitioned the ePA to an opt-out model, allowing electronic patient records to be created by default while giving individuals the right to opt out of or restrict the secondary use of their data (3, 8). The opt-out system, now implemented alongside the controlled use of pseudonymized health data under the Health Data Usage Act (GDNG), represents a major policy shift in a country that historically maintained one of Europe’s most restrictive regimes for health data reuse (3, 10). The opt-out model substantially increases population coverage. Citizens, however, retain the right to object to the creation of their record or to the secondary use of their data for research at any time, which requires research infrastructures to be technically capable of removing or excluding data associated with withdrawn consent.

The policy was politically controversial. Privacy advocates warned that default inclusion could undermine informed consent and expose sensitive medical data to misuse. Civil society organizations and data protection authorities also expressed concern that citizens might not fully understand the implications of secondary use if the system relied primarily on opt-out rather than explicit consent (8). Conversely, research institutions, hospitals, and pharmaceutical companies argued that an opt-in system would make it impossible to build representative datasets, emphasizing that modern healthcare research depends on analyzing millions of patient records to detect treatment patterns, rare adverse events, and long-term outcomes (9).

The final compromise reflects these competing perspectives. While the opt-out system expands the availability of health data for research, it simultaneously introduces strong governance mechanisms. Access to large datasets is typically mediated through controlled research environments and national data access bodies such as the Health Research Data Center (FDZ Gesundheit) (10, 11), which evaluates requests and ensures that projects serve legitimate scientific or public health objectives.

France: Regulatory Oversight and the SNDS

The German model contrasts in interesting ways with the historical approach taken in France. French health data governance is shaped by the CNIL, which oversees the processing of personal data under the French Data Protection Act and the GDPR (6, 7). France traditionally relied more heavily on formal regulatory authorization than on dynamic opt-out systems. Many research projects using health data require either authorization from the data protection authority or compliance with predefined reference methodologies. One of the most important of these is MR-004, which governs non-interventional research based on existing healthcare data (5).

Under the French model, the reuse of health data is possible without explicit consent in certain research contexts, particularly when the research serves the public interest and when strong data safeguards are implemented. However, the system relies heavily on institutional oversight and regulatory approval processes. Researchers must demonstrate compliance with detailed methodological and legal requirements before data processing can begin. Patients must also be informed about the reuse of their data and retain the right to object, but the governance emphasis is placed more on regulatory authorization than on continuously updated opt-out registries (5).

Another distinctive feature of the French system is the existence of a national health data infrastructure known as the Système National des Données de Santé (SNDS). This database aggregates administrative health data from insurance claims, hospital records, and mortality statistics covering a large proportion of the French population. Access to this database is strictly regulated and granted only to projects demonstrating a clear public interest. The infrastructure has enabled numerous large-scale epidemiological and pharmacoepidemiological studies, including analyses of medication safety, healthcare utilization patterns, and outcomes of chronic diseases (12).

Comparing Germany and France

Comparing these two national approaches illustrates two different regulatory philosophies. France historically emphasized centralized governance and formal authorization procedures, while Germany emphasized individual control and consent. The introduction of the opt-out model in Germany represents an attempt to reconcile these traditions with the need for scalable health data research. Both countries are now gradually converging toward a European framework shaped by the EHDS (1), which encourages secure access to large datasets while maintaining strong protections for individuals.

From the perspective of RWE generation, the shift toward opt-out participation has significant implications. Larger and more representative datasets become available, improving the statistical power of observational studies and enabling analyses of rare conditions or long-term treatment effects. At the same time, the requirement that individuals can withdraw from secondary data use at any time forces research infrastructures to adopt more sophisticated governance and technical mechanisms. Databases must remain responsive to changes in consent status, and data access must occur within tightly controlled environments that prevent uncontrolled duplication of datasets.

In this sense, the German reform reflects a broader transformation in health data governance. Instead of treating research datasets as static assets collected once and used indefinitely, modern frameworks increasingly treat health data as a dynamic resource whose use must remain continuously accountable to the individuals from whom the data originate. This approach is likely to become more widespread across Europe as the EHDS enters into force and national systems adapt to its requirements.

References

  1. European Commission. European Health Data Space (EHDS) Regulation. European
  2. Bundesministerium für Gesundheit. Elektronische Patientenakte (ePA) – Einführung 2021. Berlin: Federal Ministry of Health; 2021.
  3. Bundesministerium für Gesundheit. Gesetz zur verbesserten Nutzung von Gesundheitsdaten (Health Data Usage Act – GDNG). Berlin: Federal Ministry of Health; 2023.
  4. French Government. Loi Informatique et Libertés (Law No. 78-17 of 6 January 1978, as amended).
  5. CNIL. Méthodologies de référence pour les traitements de données de santé – MR-004.
  6. OECD. Health Data Governance for the Digital Age: Implementing the OECD Recommendation on Health Data Governance. OECD Publishing, 2024.
  7. Papadopoulos K., Struckmann V., von Wyl V., Gille F. Citizen Views on an Opt-Out Approach to National Electronic Health Records: A Small-Scale Qualitative Study. Int J Public Health, 2024.
  8. Gille F., Papadopoulos K., Struckmann V., von Wyl V. Citizens’ Acceptance of Electronic Patient Records in Germany. Int J Public Health. 2024;69:Article 1021.
  9. Jung C. et al. Digital Health Infrastructure and Electronic Patient Records in Germany: Challenges and Perspectives. J Med Internet Res, 2023.
  10. BfArM – Federal Institute for Drugs and Medical Devices. Health Research Data Center (FDZ Gesundheit): Access and Use of ePA Data for Research. 2026.
  11. German Federal Institute for Drugs and Medical Devices (BfArM). Health Research Data Center (FDZ Gesundheit).
  12. Tuppin P. et al. Value of the Système National des Données de Santé (SNDS) for Health Research. Lancet Public Health, 2017.

By Nadia Barozzi

Passionate about data-driven insights and the advancement of Real World Evidence research, drug safety and pharmacovigilance.