Commissioner Olivér Várhelyi has pushed back against concerns that integrating the EU4Health programme into the proposed European Competitiveness Fund could lead to corporate overreach and commodification of health data, insisting that existing EU legislation provides strict safeguards. In a written answer to a parliamentary question from MEP Friedrich Pürner (NI) on 9 July 2026, Várhelyi stressed that the Competitiveness Fund does not favour any specific technology or provider and that the Commission supports trustworthy AI under its Apply AI Strategy.
The answer comes as the Commission's proposal for the next multiannual financial framework envisages folding EU4Health into a broader Competitiveness Fund focused on strategic technologies. Pürner had warned that granting private tech companies access to publicly financed medical data for AI development could create structural dependencies and risks to patient safety, data protection, and democratic accountability. He also questioned compliance with Article 168(7) TFEU, which reserves Member States' competence for organising health services.
Várhelyi's reply offered no new concrete measures or numerical targets, instead pointing to existing frameworks: the European Health Data Space (EHDS) Regulation, the General Data Protection Regulation, and the Data Union Strategy. He argued that the EHDS already establishes a common framework for secure cross-border health data exchange, strengthens individuals' control over their data, and enables reuse for public-interest research under strict conditions. He also reaffirmed that the Commission fully respects Member States' competences under Article 168(7) and that democratic accountability is ensured through co-legislated EU laws and oversight mechanisms.
the Commission aims to boost competitiveness and AI innovation in health without explicitly addressing the risk of vendor lock-in or the potential for public data to be commercialised. No timeline for legislative follow-up was given, but the answer signals that the Commission considers the EHDS and GDPR sufficient to prevent misuse. Stakeholders most impacted include EU health data holders (hospitals, research institutes) who may face new data-sharing obligations; private tech companies that could gain access to public health data under strict conditions; EU citizens whose health data may be reused for AI development; and national health authorities that retain organisational competence but must align with EU data standards.