Building Trust and Privacy in Cross-Border Health Data Sharing for European Cancer Research

Abstract Data-driven research using artificial intelligence (AI) is transforming biomedical science, yet its application in medical imaging remains limited by fragmented datasets, heterogeneous legislation, and ethical uncertainties. The European Cancer Imaging Initiative (EUCAIM) addresses these barriers by establishing a federated, secure and interoperable European imaging infrastructure, fostering a trusted ecosystem for AI-enabled research. EUCAIM brings privacy, ethics, and security within a single, coherent operational framework. The project implements a risk-based, compliance-by-default approach that embeds Data Protection Impact Assessments (DPIAs) throughout system design, translating legal requirements into verifiable technical safeguards. Its “de facto” anonymization model, aligned with the General Data Protection Regulation (GDPR) and Court of Justice jurisprudence, combines multi-stage anonymization pipelines, cryptographic hashing, and automated re-identification-risk analyses to deliver a federated Secure Processing Environment for researchers. This federated infrastructure is consistent with the European Health Data Space Regulation (EHDSR) and national security frameworks, and ensures data sovereignty, interoperability, and accountability. A comprehensive governance and contractual framework, including Data Sharing and Transfer Agreements, clearly delineates roles and responsibilities, while the Data Access Committee provides robust ethical oversight. EUCAIM thus offers a lawful, secure, and sustainable model of a federated secure environment for the reuse of imaging data, advancing a genuinely data-driven research ecosystem.