Towards Dependable, Interoperable and Evolvable Personal Health Data

Spaces Within the European Health Data Space

Gunnar Piho

1 a

, Igor Bossenko

1 b

, Marten Kask

1 c

, Peeter Ross

2,3 d

and Toomas Klementi

1 e

Department of Software Science, Tallinn University of Technology (TalTech), Akadeemia tee 15A, Tallinn, Estonia

Department of Health Technologies, TalTech, Tallinn, Estonia

Research Department, East Tallinn Central Hospital, Tallinn, Estonia

Keywords:

Dependability, Interoperability, Evolvability, Personal Health Data Space (PHDS), European Health Data

Space (EHDS), Decentralized Content-Addressable Storage Network (DCAS), Healthcare Innovation.

Abstract:

This paper examines the challenges and preliminary ﬁndings in developing a dependable, interoperable, and

evolvable PHDS within the EHDS. The proposed architecture consolidates personal health data, including lab-

oratory results, medical history, imaging, omic data, patient-reported outcomes, and wearable device data into

an integrated master copy under individual control. It ensures seamless interoperability for primary use cases

such as diagnosis and treatment and de-identiﬁed secondary uses such as research and AI, adhering to strict

consent requirements. Dependability ensures data integrity, interoperability enables smooth data exchange,

and evolvability allows adaptation to regulatory and technological changes. This framework enhances health

data management, supports sustainable healthcare, and addresses key issues in ownership, security, and us-

ability.

1 INTRODUCTION

The EHDS (European Commission, Directorate-

General for Health and Food Safety, 2022) aims to

harmonise health data management across Europe

by enabling cross-border sharing, enhancing patient

care, and driving innovation. However, achieving

dependable, interoperable, and evolvable health data

management remains difﬁcult due to fragmentation,

privacy concerns, and technological diversity. To clar-

ify these challenges, we identify three key dilemmas

in health data management (Klementi et al., 2024):

a) Accessibility: Balancing broad health data access

for societal beneﬁts (e.g., research, AI, policymak-

ing) with privacy protection remains challenging. So-

lutions must address these competing demands; b)

Comprehensiveness: Fragmented health data across

systems and devices leads to incomplete datasets, af-

fecting decision-making and research. A uniﬁed, in-

teroperable master copy is essential; c) Ownership:

https://orcid.org/0000-0003-4488-3389

https://orcid.org/0000-0003-1163-5522

https://orcid.org/0000-0001-5437-783X

https://orcid.org/0000-0003-1072-7249

https://orcid.org/0000-0002-8260-526X

Health data control is mainly institutional rather than

individual. Personal ownership can enhance data

sharing, continuity of care, and sustainable health-

care.

Despite EHDS ambitions, challenges remain in

achieving a uniﬁed health data ecosystem. Data frag-

mentation, restricted individual control, and balanc-

ing access with privacy hinder progress. Overcoming

these issues is key to dependable, interoperable, and

sustainable health data management that enhances

care continuity and societal well-being.

Figure 1: PHDS Architecture (Klementi et al., 2024).

This preliminary report proposes a PHDS archi-

tecture (Figure 1) aligned with EHDS objectives. By

integrating semantic interoperability, secure decen-

330

Piho, G., Bossenko, I., Kask, M., Ross, P. and Klementi, T.

Towards Dependable, Interoperable and Evolvable Personal Health Data Spaces Within the European Health Data Space.

DOI: 10.5220/0013431000003938

In Proceedings of the 11th International Conference on Information and Communication Technologies for Ageing Well and e-Health (ICT4AWE 2025), pages 330-337

ISBN: 978-989-758-743-6; ISSN: 2184-4984

tralized storage (Swarm, 2022), and user-centric gov-

ernance, we hypothesise that this approach ensures

data dependability, interoperability, and evolvability

while empowering individuals with ownership and

control over their health data, complementing and in-

novatively enhancing existing healthcare IT infras-

tructure without replacing it.

The rest of the paper is structured as follows.

The Methods section deﬁnes the PHDS concept, de-

scribes the tools used, and explains the Design Sci-

ence methodology. The Results section presents the

reference architecture, health data structure, and man-

agement principles. The Discussion section exam-

ines interoperability, dependability, and evolvability,

analysing the architecture within the EHDS ecosys-

tem and its impact on data quality, security, and stake-

holder engagement. The paper concludes with future

research.

2 METHODS

Our approach combines the principles of design sci-

ence methodology with a case study analysis. A ref-

erence architecture for a PHDS was developed by

leveraging semantic interoperability frameworks such

as HL7 FHIR and archetype-based domain models

(Piho, 2011). The proposed architecture ensures com-

pliance with the GDPR and facilitates seamless inte-

gration into the EHDS ecosystem. Three key dimen-

sions—dependability, interoperability, and evolvabil-

ity (Piho et al., 2014)—were examined through real-

world scenarios, including medical emergencies and

cross-border healthcare provision.

Figure 2: European Health Data Space (EHDS) (Klementi

et al., 2024).

A Personal Health Data Space (PHDS) is a user-

centric system allowing individuals to manage and

control access to their health data from sources such

as EHRs, wearable devices, and omic data. It aims to

enhance personal data ownership while improving in-

teroperability, dependability, and evolvability within

healthcare systems.

The following key attributes of a PHDS can be

speciﬁed: a) Data Aggregation: A PHDS consoli-

dates health data from multiple sources, ensuring ac-

cessibility for care continuity; b) User Empowerment

and Control: Individuals own and manage access,

complying with GDPR and HIPAA; c) Interoperabil-

ity: Standardized formats such as FHIR enable seam-

less data exchange across healthcare systems; d) Data

Security and Privacy: Encryption, access controls,

and de-identiﬁcation reduce breach risks while ensur-

ing compliance; e) Evolvability: A PHDS adapts dy-

namically to new technologies, standards and regula-

tory changes.

The following expected outcomes specify the ben-

eﬁts of implementing a PHDS in DCAS networks

such as (Swarm, 2022): a) Enhanced Patient En-

gagement: A PHDS grants individuals full own-

ership and control of their health data, promot-

ing active participation in health management, ill-

ness prevention, and continuity of care. It en-

ables informed decision-making and better coordina-

tion across healthcare providers; b) Improved Health-

care Coordination: By consolidating a person’s

health data under their control within a decentralized

content-addressable storage (DCAS) network, health-

care providers can always access complete informa-

tion. This reduces reliance on centralized reposito-

ries, minimises breach risks, enhances treatment, and

supports secure, consent-driven data reuse; c) Facil-

itation of Research and Innovation: With user con-

sent, de-identiﬁed PHDS data in DCAS networks can

support research, policymaking, and healthcare inno-

vation, advancing medical science while ensuring pri-

vacy and ethical compliance.

However, there are no free lunches. The following

challenges must be considered when implementing

PHDS systems in DCAS networks: a) Data Standard-

ization: Ensuring federated and evolvable interoper-

ability is challenging due to inconsistent data entry,

legacy systems, and evolving technologies; b) User

Engagement: Motivating individuals to manage their

health data requires intuitive interfaces, support sys-

tems, and incentives such as token rewards or reduced

healthcare costs; c) Regulatory Compliance: PHDS

implementations must align with regional and inter-

national data protection laws to safeguard user privacy

and rights. In the EHDS context (Figure 2), PHDS

integration enables seamless health data ﬂow across

borders, improving healthcare and fostering innova-

tion. By tackling data fragmentation, accessibility,

and ownership, a PHDS in a DCAS network advances

Towards Dependable, Interoperable and Evolvable Personal Health Data Spaces Within the European Health Data Space

331

a more efﬁcient, patient-centred healthcare system.

A Decentralized Content-Addressable Storage

(DCAS) network, such as (Swarm, 2022), distributes

data across multiple nodes, ensuring redundancy, se-

curity, and accessibility. Unlike centralized systems,

it uses content-based addressing, enhancing integrity

and reducing tampering risks. As electronic shred-

ders, DCAS networks break documents into tiny,

meaningless fragments (Figure 3), distributing them

across nodes. This prevents reconstruction without

the proper permissions, signiﬁcantly improving secu-

rity and reducing unauthorized access risks.

Figure 3: DCAS Network (Klementi et al., 2024).

The key features of DCAS are as follows (Tr

on,

2021): Content Addressing: Data is identiﬁed by

a cryptographic hash, ensuring integrity and ver-

sion control; Decentralisation: Data is spread across

nodes, eliminating single points of failure; Data Re-

dundancy: Multiple copies ensure availability even if

70% of nodes go ofﬂine; Scalability: The distributed

system efﬁciently handles large data volumes.

We may specify the following advantages of

DCAS in the context of PHDS (Klementi et al., 2024):

Security and Privacy: DCAS ensures strong security

through cryptographic hashing and decentralization,

reducing the risk of centralized attacks; Data Owner-

ship: Patients control access to their health data and

deﬁne usage terms; Interoperability: Aligning with

HL7 FHIR, DCAS enables seamless data exchange

while preserving integrity and eliminating duplication

(Piho et al., 2012). Decentralized access reduces stor-

age needs and operational costs, enhancing efﬁciency.

The Design Science Methodology (DSM) is a

problem-solving approach for developing and evalu-

ating innovative artefacts (Wieringa, 2014). We ap-

ply DSM to design the PHDS framework aligned

with EHDS objectives: a) Problem Identiﬁcation and

Analysis: Using the Estonian Health Information Sys-

tem, we identiﬁed key challenges such as data frag-

mentation, limited individual control, and privacy-

accessibility balance (Ross et al., 2023; Bertl et al.,

2023a); b) Deﬁning Objectives: Based on these chal-

lenges, we established goals for PHDS, focusing on

dependability, interoperability, and evolvability (Kle-

menti et al., 2022); c) Design and Development:

The PHDS architecture integrates semantic interop-

erability, decentralized storage, and patient-centric

governance (Klementi et al., 2024); d) Demonstra-

tion and Evaluation: Two research grants, ’Digital

Health for a Whole and Healthy Society’ (Estonian

Research Council, 2028) and ’Medication Adherence

and Treatment Efﬁcacy’ (Estonian Research Council,

2029), support ﬁve years of clinical evaluation, target-

ing TRL 6 and expanding our research team. By ap-

plying DSM principles, we aim to develop a scalable

and adaptable PHDS architecture, addressing health

data challenges while advancing EHDS goals.

3 RESULTS

3.1 Reference Architecture

The planned system adopts a decentralized, user-

centric approach, giving individuals full control over

their health records. Using a DCAS network, it en-

sures security, scalability, and privacy while comply-

ing with the GDPR and HIPAA. Its modular design

enables interoperability, secure storage, and support

for both primary (treatment, emergency care) and sec-

ondary (research, public health) use cases, prioritizing

privacy and sustainability.

The Core Application (Figure 4) is central to man-

aging personal health records (PHRs) in a DCAS

network (Klementi et al., 2024; Klementi and Piho,

2024). Operating on the user’s device, it ensures pri-

vacy, dependability, interoperability, and evolvability

(Piho et al., 2014). The application presents health

data through a user-friendly interface with annotation,

search, and ﬁltering features. Its abstraction layer

enables independent communication with the DCAS

network, ensuring adaptability without reliance on a

single solution. Root Hash Management: The root

hash uniquely identiﬁes the user’s health data, secured

to prevent unauthorized access or loss. A mutable ad-

dress space within the DCAS network encrypts and

stores the hash, with recovery ensured using Shamir’s

Secret Sharing (Shamir, 2023; Klementi et al., 2024).

Storage Abstraction Layer (SAL): SAL enables seam-

less data storage and retrieval, shielding the appli-

cation from underlying storage protocols. Content

Handlers: Modular handlers support various health

data formats, ensuring compatibility with standards

such as HL7 CDA, FHIR, ISO 13606, openEHR, and

DICOM. Interoperability Layers: These layers en-

ICT4AWE 2025 - 11th International Conference on Information and Communication Technologies for Ageing Well and e-Health

332

Figure 4: Core Application (Klementi et al., 2024).

able secure data exchange with healthcare systems us-

ing federated interoperability and standardized APIs

oerd et al., 2023; Randmaa et al., 2022). Exten-

sion Modules: Downloadable plug-ins enhance func-

tionality, integrating wearable devices and advanced

health analytics.

This architecture gives users full control over

PHRs while ensuring secure, efﬁcient data sharing for

primary and secondary use. Its modular design adapts

to evolving healthcare and technology needs.

3.2 Domain Model

A key aspect of ensuring sustainable semantic inter-

operability and second-order data evolvability is us-

ing a suitable healthcare domain model (Piho, 2011).

This model standardises data meaning across systems,

allowing adaptation to new standards and use cases. It

supports primary uses such as treatment and diagnos-

tics while enabling de-identiﬁed data for secondary

purposes, including research, public health, and AI.

The internal healthcare domain model (Figure 5)

follows the Zachman Framework (ZF), covering key

healthcare architecture aspects and aligning with ZF’s

six interrogatives (Piho et al., 2010b). It includes

sub-models for products, services, involved parties,

roles, processes, events, money, and rules. Using Pe-

Figure 5: Zachman Framework-based domain model.

ter Coad’s item-description model (Coad, 1992), each

entity (e.g., ‘product’, ‘service’, ‘organisation’) has a

corresponding type, ensuring consistency and adapt-

ability over time (Oei et al., 1994).

Products and Services: The ’What’ dimension in-

cludes all healthcare assets, such as medical devices,

records, clinical documents, services, and samples.

Entities are modelled with relationships, classiﬁca-

tions, and properties for comprehensive representa-

tion.

Persons, Organizations and Roles: The ’Who’ dimen-

sion deﬁnes key stakeholders—patients, providers,

payers, regulators, and staff—along with their roles,

rights, and responsibilities. Roles reﬁne this fur-

ther, e.g., ’provider’ includes physicians, nurses, and

lab technicians, enabling role-based access control

(RBAC) and precise task allocation.

Processes: The ’How’ dimension deﬁnes health-

care workﬂows, including admissions, diagnostics,

treatments, and billing, ensuring efﬁciency, compli-

ance, and interoperability. Each process consists of

threads, tasks, and activities, with outcomes recorded

in system registries. Following Peter Coad’s item-

description pattern, every element (process, thread,

task, activity, outcome) has a corresponding type.

Plans are modelled as anticipated processes and out-

comes, aligning with healthcare ontology standards

such as ISO 13940 (ContSys) (S

oerd et al., 2023).

Locations: The ’Where’ dimension models locations

as organisations and organization units rather than

states, cities, streets and houses, linking events to

speciﬁc hospital departments (e.g., admissions, emer-

gency). This domain-driven approach improves re-

source tracking, staff responsibilities, and data de-

identiﬁcation by referencing departments instead of

exact locations. It enhances patient ﬂow management,

compliance, and resource allocation while ensuring

interoperability across healthcare networks.

Events: The ’When’ dimension tracks healthcare

Towards Dependable, Interoperable and Evolvable Personal Health Data Spaces Within the European Health Data Space

333

Figure 6: Peter Coad’s item-description pattern example.

events through structured registries. Inventory ledgers

record acquisitions and disposals, general ledgers log

ﬁnancial transactions, and personnel records track

employment periods. Clinical outcomes are doc-

umented in EHRs, EMRs, PHRs, or Patient Sum-

maries. This approach ensures precise event tracking,

accountability, and semantic interoperability across

healthcare systems.

Rules: The ’Why’ dimension deﬁnes healthcare rules,

distinguishing rule types (Rule) from applicable data

(Rule Context) using Peter Coad’s item-description

pattern. Rules consist of logical operations (AND,

NOT, OR, XOR) and relations (Equals, IsGreater, Is-

Less). They deﬁne role requirements and process se-

quences or interpret clinical results, ensuring precise

and ﬂexible rule implementation across scenarios.

Money and Quantities: These models deﬁne mon-

etary values and measurements with units, ensuring

consistency across the healthcare domain. Standard-

ized units enable calculations, comparisons, and ag-

gregations, enhancing accuracy in ﬁnancial transac-

tions, resource allocation, and data analysis. Inte-

grating these patterns supports data integrity and the

seamless handling of complex ﬁnancial and quantita-

tive requirements.

First-order evolvability (Oei et al., 1994) allows

CRUD operations on a database. By adding ﬁelds

such as RecordId, DomainId, ValidFrom, and Record-

edBy (Piho et al., 2010a; Piho, 2011), changes can

be logged and audit-trailed. Each entity has a unique

DomainId, while every transaction is tracked with a

unique RecordId (Piho et al., 2014).

To achieve second-order evolvability (Oei et al.,

1994), we apply Peter Coad’s item-description pattern

(Coad, 1992), reducing second-order to ﬁrst-order

evolvability for entity type records. By adding prop-

erty types to entity types and properties to entities

(Figure 6), we enable dynamic modiﬁcations of ’ta-

bles and columns’ or ’classes and properties’. This

ensures adaptability, where items represent core en-

tities (e.g., medical devices, patient records) and de-

scriptions store metadata for ﬂexible model updates.

The proposed domain model aligns with the Ob-

ject Management Group’s (OMG) Meta-Object Fa-

cility (MOF) standard, supporting hierarchical ab-

straction: a) M3 Level: A universal domain model

(Single Underlying Model (Meier et al., 2019)) with

archetypes guiding system architecture and deﬁning

M2 Level concepts; b) M2 Level: Domain ontolo-

gies such as ContSys (ISO 13940) deﬁne standard-

ized healthcare concepts, serving as an interoperabil-

ity layer (S

oerd et al., 2023); c) M1 Level: Standards

and terminologies (HL7 CDA, FHIR, openEHR,

SNOMED, LOINC, ICD, DICOM) speciﬁed by M2

Level; d) M0 Level: Practical implementations of M1

Level standards.

This hierarchical alignment ensures the domain

model remains extensible, interoperable, and com-

patible with evolving healthcare standards, support-

ing backward and forward interoperability (Bossenko

et al., 2022). Structured with the item-description

pattern and based on the ZF, the model provides

a robust foundation for healthcare data, informa-

tion and knowledge management. Integration with

OMG MOF enhances interoperability, scalability, and

adaptability, enabling efﬁcient healthcare delivery

and secure personal health data management a within

DCAS-based PHDS.

3.3 Big Health Picture

To unify an individual’s health data under personal

ownership and control, we introduce the Big Health

Picture, inspired by the Big Blood Picture in lab-

oratory informatics. It securely stores all health-

related data, including EHRs, EMRs, lab results,

omics data, medical images, and user-collected data

from wearables and home devices. This approach

enhances privacy, interoperability, and integration

across healthcare platforms. By adopting the Big

Health Picture, individuals gain greater control over

their data while healthcare providers access accu-

rate, up-to-date information. Integrating AI and ML

ensures well-reasoned, evidence-based recommenda-

tions while preserving human decision-making (Bertl

et al., 2023c; Bertl et al., 2023b).

Developing a comprehensive Big Health Picture

requires integrating a robust domain model, such as

the one based on the ZF, with practical serializa-

tion formats for storing PHRs in PHDS within a

DCAS network. HL7 FHIR supports suitable for-

mats: a) JSON: Lightweight, human-readable, and

ICT4AWE 2025 - 11th International Conference on Information and Communication Technologies for Ageing Well and e-Health

334

Figure 7: FHIR Observation (Klementi et al., 2024).

Figure 8: One possible representation of records in Big

Health Picture.

widely used for web-based data exchange; b) Tur-

tle: RDF-based syntax (Figure 7) enabling rich se-

mantic relationships and knowledge graphs; c) FHIR

Shorthand (FSH): A domain-speciﬁc language for ef-

ﬁciently deﬁning FHIR artefacts and extensions; Bal-

ancing Semantics with Syntax: The domain model de-

ﬁnes semantics, while serialization must effectively

capture data types, including text, images, and omics,

ensuring provenance and modiﬁcation history.

Constructing the Big Health Picture: Represent-

ing health data as an interconnected knowledge graph

enhances analytics, clinical decision-making, and per-

sonalized medicine. The structured approach of the

ZF ensures systematic organization beyond simple

RDF triples, advocating for richer data structures

(Vinay K. Chaudhri, 2021). While RDF triples of-

fer ﬂexibility, they may lack the efﬁciency needed for

dependability, interoperability, and evolvability. As

shown in Figure 8, a more advanced internal structure

provides a more precise and functional representation

of personal health data in a PHDS. Integrating a se-

mantically robust domain model with a suitable seri-

alization format is pivotal in constructing a compre-

hensive Big Health Picture. By adhering to the ZF-

based domain model and selecting appropriate data

representation methods, we try to ensure that PHRs

are stored, managed, and utilized to support interoper-

ability, scalability, and comprehensive personal health

data management.

3.4 On-the-Fly Data Transformation

The practical implementation of a Big Health Picture

requires a ﬂexible approach to transforming health

data across formats, enabling seamless integration

with its domain model while ensuring usability for

primary and secondary purposes. Federated Semantic

Interoperability: This approach (S

oerd et al., 2023;

Randmaa et al., 2022) enables collaboration with ex-

isting healthcare IT without uniform formats or cen-

tral repositories. It supports transitioning from legacy

standards such as HL7 CDA to modern ones such as

HL7 FHIR, preserving historical data integrity while

ensuring real-time usability through dynamic conver-

sions.

Tools such as TermX (Bossenko et al., 2024a) use

visual editors and declarative languages such as FHIR

Mapping Language (FML) to enable low-code/no-

code transformations, allowing domain experts to cre-

ate rules without technical expertise. This simpliﬁes

data transformation, improving accuracy and speed.

Bossenko et al. (Bossenko et al., 2024b) highlight

the value of reusable transformation components, or-

ganizing them hierarchically from data types to doc-

ument structures. Modular libraries streamline de-

velopment, enhance consistency, and reduce mainte-

nance effort.

Integration into DCAS Networks: In a PHDS

within a DCAS network, transformation engines must

enable on-the-ﬂy data conversion, dynamically trans-

forming data upon access rather than storing pre-

converted copies. This approach supports federated

interoperability, reducing extensive migrations and

duplications while ensuring cost-effectiveness and ef-

ﬁciency. By leveraging reusable components and

tools such as TermX, real-time transformations bridge

legacy and modern health data formats. Integrat-

ing these capabilities within DCAS networks ensures

interoperability, preserves historical data, and sup-

Towards Dependable, Interoperable and Evolvable Personal Health Data Spaces Within the European Health Data Space

335

ports both primary care and research, making the Big

Health Picture vision achievable and sustainable.

4 DISCUSSIONS

The proposed PHDS architecture embodies the crit-

ical attributes of dependability, interoperability, and

evolvability, which are vital for addressing the com-

plexities of modern health data management.

Dependability in a PHDS is ensured through

DCAS networks, blockchain audit trails, and en-

cryption. Content-addressable storage maintains in-

tegrity, preventing unauthorized changes. Decentral-

ized Storage: DCAS distributes health data across

nodes, reducing failures and enhancing availability.

Data Integrity: Blockchain audit trails (Kask et al.,

2023b; Kask et al., 2023a) ensure transparency and

traceable transactions. Security and Privacy: Encryp-

tion, user governance, and data de-identiﬁcation pro-

tect information. Explicit consent ensures GDPR and

HIPAA compliance.

The architecture’s interoperability bridges frag-

mented healthcare systems, supporting global mobil-

ity. Using semantic interoperability frameworks (Sec-

tion 3), the PHDS model enables seamless data ex-

change across formats such as HL7 FHIR, HL7 CDA,

and openEHR. Standardized Data Exchange: TermX

ensures compatibility with various formats, including

HL7 FHIR, HL7 CDA, openEHR, and OMOP CDA.

Federated Interoperability: A PHDS allows providers

and third parties to access data in the preferred for-

mats while maintaining semantic integrity. Uniﬁed

Health Data Management: A single, interoperable

master copy eliminates redundancies and improves

efﬁciency. The solution’s validation for primary med-

ical use is detailed in (Klementi et al., 2024) and the

Methods section.

The evolvability of the PHDS domain model en-

sures adaptability to regulatory and technological

changes. Modular Design: Its modularity enables the

seamless integration of new functionalities and data

types, such as genomic data and advanced analytics.

Regulatory Alignment: Compliance with GDPR and

HIPAA allows adaptation to evolving privacy, secu-

rity, and data governance policies. Long-Term Via-

bility: The item-description pattern ensures second-

order evolvability, supporting both immediate and fu-

ture healthcare and research needs.

The PHDS in DCAS network architecture tack-

les key challenges, including privacy, accessibility,

data fragmentation, and ownership. Privacy vs. Ac-

cessibility: The system balances research and public

health beneﬁts with strict privacy controls (Klementi

et al., 2024). A secure DCAS network enforces en-

crypted access and requires explicit user consent for

data sharing. Resolving Data Fragmentation: By uni-

fying diverse data sources under individual control,

PHDS eliminates silos and enhances healthcare de-

livery. Semantic interoperability ensures meaningful

data use across systems. Empowering Ownership: A

PHDS places individuals at the centre of health data

governance, fostering trust and transparency in data

sharing.

With dependability, interoperability, and evolv-

ability, a PHDS offers a transformative solution for

modern health data challenges, paving the way for a

secure, efﬁcient, and adaptable healthcare ecosystem.

5 CONCLUSIONS

A PHDS offers a transformative approach to health

data management, addressing critical dependability,

interoperability, and evolvability challenges. By em-

powering individuals with ownership and control, a

PHDS, based on Decentralized Content-Addressable

Storage (DCAS) networks, aligns with the EHDS ob-

jectives and supports societal beneﬁts through en-

hanced healthcare delivery and advanced research op-

portunities. Currently at approximately Technology

Readiness Level 3, the system has received two re-

search grants (Estonian Research Council, 2028; Es-

tonian Research Council, 2029) to validate its appli-

cability in relevant clinical settings within the Esto-

nian e-health ecosystem.

ACKNOWLEDGEMENTS

This research has been supported by the ’ICT Pro-

gramme’ of the European Union through the Eu-

ropean Social Fund and the IT Academy research

measures (Information Technology Foundation for

Education, 2023) and by the ’Digital health for a

whole and healthy society’ (Estonian Research Coun-

cil, 2028) and ’Medication Adherence and Treat-

ment Efﬁcacy in Patients with Dyslipidaemia and

Achievement-oriented Novel Patient Digital Support’

(Estonian Research Council, 2029) research grants.

REFERENCES

Bertl, M., Kankainen, K. J. I., Piho, G., Draheim, D., and

Ross, P. (2023a). Evaluation of data quality in the

estonian national health information system for digital

decision support. In HEDA@ STAF.

ICT4AWE 2025 - 11th International Conference on Information and Communication Technologies for Ageing Well and e-Health

336

Bertl, M., Lamo, Y., Leucker, M., Margaria, T., Moham-

madi, E., Mukhiya, S. K., Pechmann, L., Piho, G.,

and Rabbi, F. (2023b). Challenges for ai in healthcare

systems. In International Conference on Bridging the

Gap between AI and Reality, pages 165–186. Springer

Nature Switzerland Cham.

Bertl, M., Piho, G., Draheim, D., Ross, P., Pechmann,

L., Bucciarelli, N., and Sharma, R. (2023c). Future

opportunities for systematic ai support in healthcare.

In International Conference on Bridging the Gap be-

tween AI and Reality, pages 203–224. Springer.

Bossenko, I., Piho, G., Ivanova, M., and Ross, P.

(2024a). Termx: The semantic interoperability,

knowledge management and sharing platform. Soft-

wareX, 27:101839.

Bossenko, I., Piho, G., and Ross, P. (2022). Forward and

backward compatibility deign techniques applying the

hl7 fhir standard. In HEDA@ Petri Nets.

Bossenko, I., Randmaa, R., Piho, G., and Ross, P. (2024b).

Interoperability of health data using fhir mapping lan-

guage: transforming hl7 cda to fhir with reusable

visual components. Frontiers in Digital Health,

6:1480600.

Coad, P. (1992). Object-oriented patterns. Communications

of the ACM, 35(9):152–159.

Estonian Research Council (2024-2028). Digital health for

a whole and healthy society. Accessed: 2025-02-01.

Estonian Research Council (2025-2029). Medication Ad-

herence and Treatment Efﬁcacy in Patients with Dys-

lipidaemia and Achievement-oriented Novel Patient

Digital Support.

European Commission, Directorate-General for Health and

Food Safety (2022). Proposal for a Regulation on the

European Health Data Space. Accessed: 2024-12-20.

Information Technology Foundation for Education (2018-

2023). IT Academy research support measures pro-

gramme for 2018-2022: Artiﬁcial Intelligence & Ma-

chine Learning; Data Science and Big Data; Robots-

People collaboration and the Internet of Things in In-

dustry processes. Accessed: 2024-05-23.

Kask, M., Klementi, T., Piho, G., and Ross, P. (2023a).

Maintaining data integrity in electronic health records

with hyperledger fabric. In HEDA@ STAF.

Kask, M., Klementi, T., Piho, G., and Ross, P. (2023b).

Preserving decentralized ehr-s integrity. In Telehealth

Ecosystems in Practice, pages 296–297. IOS Press.

Klementi, T., Kankainen, K. J. I., Piho, G., and Ross, P.

(2022). Prospective research topics towards preserv-

ing electronic health records in decentralised content-

addressable storage networks. In HEDA@ Petri Nets,

page 14.

Klementi, T. and Piho, G. (2024). Method and sys-

tem for managing data using decentralized content-

addressable storage networks. European patent Ofﬁce,

priority number EP24166173.5. Submitted pattent.

Klementi, T., Piho, G., and Ross, P. (2024). A reference ar-

chitecture for personal health data spaces using decen-

tralized content-addressable storage networks. Fron-

tiers in Medicine, 11:1411013.

Meier, J., Klare, H., Tunjic, C., Atkinson, C., Burger, E.,

Reussner, R. H., and Winter, A. (2019). Single un-

derlying models for projectional, multi-view environ-

ments. In Hammoudi, S., Pires, L. F., and Seli

c, B.,

editors, Model-Driven Engineering and Software De-

velopment: 7th International Conference, MODEL-

SWARD 2019, pages 117–128, Prague, Czech Repub-

lic, February 20–22, 2019, Revised Selected Papers.

Springer Nature.

Oei, J. H., Proper, H. A., and Falkenberg, E. D. (1994).

Evolving information systems: meeting the ever-

changing environment. Information Systems Journal,

4(3):213–233.

Piho, G. (2011). Archetypes based techniques for develop-

ment of domains, requirements and software: towards

LIMS software factory. PhD thesis, Tallinn University

of Technology.

Piho, G., Roost, M., Perkins, D., and Tepandi, J. (2010a).

Towards archetypes-based software development. In

Sobh, T. and Elleithy, K., editors, Innovations in

Computing Sciences and Software Engineering, pages

561–566, Dordrecht. Springer.

Piho, G., Tepandi, J., and Parman, M. (2012). Towards lims

(laboratory information management systems) soft-

ware in global context. In 2012 Proceedings of the

35th International Convention MIPRO, pages 721–

726, New York. IEEE.

Piho, G., Tepandi, J., and Roost, M. (2010b). Domain anal-

ysis with archetype patterns based zachman frame-

work for enterprise architecture. In 2010 Interna-

tional Symposium on Information Technology, vol-

ume 3, pages 1351–1356, New York. IEEE.

Piho, G., Tepandi, J., Thompson, D., Tammer, T., Parman,

M., and Puusep, V. (2014). Archetypes based meta-

modeling towards evolutionary, dependable and inter-

operable healthcare information systems. Procedia

Computer Science, 37:457–464.

Randmaa, R., Bossenko, I., Klementi, T., Piho, G., and

Ross, P. (2022). Evaluating business meta-models

for semantic interoperability with fhir resources. In

HEDA-2022: The International Health Data Work-

shop, June 19-24, 2022, Bergen, page 14. CEURAT,

Norway.

Ross, P., Metsallik, J., Kankainen, K. J. I., Bossenko, I.,

ae, C., and Maasik, M. (2023). Health Sense: de-

velopment of a universal data model and a standard for

continuity of treatment paths based on international

standards of new generation health information sys-

tems. (In Estonian language), English translation, Ac-

cessed 2025.01.04.

Shamir (2023). Shamir’s Secret Sharing. webpage. (Ac-

cessed: 2023-09-20).

oerd, T., Kankainen, K., Piho, G., Klementi, T., and Ross,

P. (2023). Towards speciﬁcation of medical processes

according to international standards and semantic in-

teroperability needs. In MODELSWARD, pages 160–

167.

Swarm, E. (2022). Swarm is a decentralised storage and

communication system for a sovereign digital society.

webpage. (Accessed: 2022-03-24).

on, V. (2021). The book of swarm. Accessed: Jul, 2:2021.

Vinay K. Chaudhri, Naren Chittar, M. G. (2021). An Intro-

duction to Knowledge Graphs. Accessed: 2022-10-

09.

Wieringa, R. J. (2014). Design science methodology

for information systems and software engineering.

Springer.

Towards Dependable, Interoperable and Evolvable Personal Health Data Spaces Within the European Health Data Space

337