Who Owns my Health Data?

I close my eyes, hoping the brain won’t play tricks on me and send me into a panic mode.

The metallic, rhythmic sounds of the MRI drown out the classical music in my headphones. I am one of the participants in the Swiss Heart Study and this is the first time I have had an MRI. I know that my data will be used to better understand and prevent cardiovascular disease.

A week later, I received a huge collection of data ranging from MRI images to blood tests, DXA scans and fitness test results. Not great, so I need to get off the sofa and spend more time in the fresh air.

And I ask myself: How am I supposed to understand all this? Can I connect it to all the data from my wearables? What about past medical records? How can I use my data to improve my health and share it with someone who will use it for a purpose I believe in, like the Swiss Heart Study?

I would like to have all my health data in one place. Not because I’m a control freak, but because I’m tired of playing detective.

I wear a smart ring that records my sleep. A smartwatch that monitors my heart rate. I have apps for meditation, nutrition, fitness and even one for stress management.

Then there are my medical records – scattered across different countries, in dusty folders or in inaccessible hospital systems. Blood tests in one place. Vaccinations in another. I can’t even access my MRI scans without calling someone.

If it’s my body, why is my data anyone else’s business?

The problem: fragmentation and power imbalance

Today’s healthcare system is a mess. Innovative? Yes. Personalized? Maybe. Integrated? Not in the slightest.

Every new wearable promises insights. Every new clinic carries out its own diagnoses. Healthcare experts estimate that 95 percent of hospital data remains unused. The result is a puzzle with missing pieces, and the patient is often the last to see the whole picture.

Meanwhile, tech companies, providers and platforms do see your data, just not in a way that helps you. They monetize, analyze and lock your data behind terms of service that no one reads. Your digital self is sliced and sold while you struggle to download your lab results.

This is uncomfortable and dangerous. Important knowledge is being lost. Many rare or genetic diseases could benefit from the data and more people could receive appropriate treatment. Duplicate testing wastes money. And patients lose control over something very personal: their health history.

The vision: one patient, one file, complete control

Imagine opening a secure app and seeing everything:

• Your vital signs from wearables
• Your prescriptions and past treatments
• Imaging results, genetic data, allergies, mental health notes
• A timeline that you can control – and you decide who sees what

Now imagine that this doesn’t belong to Apple, Google or your local hospital, but to you. Not stored in 15 places, but under your digital key. Not shared by default, but only when you want it, for a doctor, a second opinion or even a clinical trial you believe in.

What do you get instead? You get valuable personalized insights into your health, access to additional health coaching and telemedicine or health tokens that you can use in the healthcare system.

The turning point: blockchain and decentralized ownership of healthcare data

The Etheros HealthData Foundation, in collaboration with the Crypto Valley Association, recently unveiled a bold but achievable vision for health data ownership.

Your proposal? Use blockchain to give control back to the individual while ensuring trust, data protection and interoperability.

The approach is simple. I am the owner of the data. I can safely share it with the institutions and purposes I trust and be rewarded for it. Sharing my health data is a sensitive topic, but with zero-knowledge proof protocols, I can anonymize the data before sharing it.

When I hear about blockchain, I think of transparency, but what about my privacy? There is a solution for that too: digital identities (DID) can be used to protect my identity.

In addition, the blockchain allows me to use personal health vaults, encrypted and secure storage locations where I can store my data and my consents – I grant and revoke access instantly and have full control over who can view my data, when and why at all times.

It is a model in which ethics and technology meet and patients finally become partners and are no longer passive subjects.

The change: What do we need to own our health data?

Interoperability

If we want patients to truly own their healthcare data, we can’t ignore the infrastructure behind the scenes. One of the most important parts of this infrastructure is something called Fast Healthcare Interoperability Resources (FHIR). It may sound like another complicated acronym, but it’s actually one of the most promising enablers of change in healthcare.

Fast Healthcare Interoperability Resources (FHIR) is a technical standard that defines how healthcare data can be formatted, exchanged and accessed across different systems. Simply put, it tells hospitals, labs, pharmacies, insurers and even health apps how to speak the same digital language. That’s a big deal when you consider that most healthcare systems today still operate in silos, with data stored in proprietary formats that are difficult for patients in particular to access.

Legal clarity

If patients are to be the owners of their health data, we need clear rules on what this means in concrete terms. Who owns the data? Who has access to it – and under what conditions? All too often, laws are vague or vary from country to country, leaving both patients and providers in the dark. Genuine data ownership needs a legal basis that defines rights, obligations and remedies in the event of breaches of these rights.

Patients need clear, enforceable rights to their health data: the right to access it, share it and decide who uses it. The Ethereos Health Data Foundation is working to define these rights in practical terms, using smart contracts and decentralized governance to translate legal intentions into verifiable actions.

Trust through transparency

Technology alone does not create trust – transparency does. Patients need to know what data is being collected, how it is being stored and who is using it. Blockchain can verify data integrity without revealing personal information.

Patients do not trust any system that they cannot see. Blockchain provides a transparent, tamper-proof record of all data access and transactions. With Ethereos, every action – who accessed what, when and why – is recorded in such a way that it cannot be altered or concealed. It is not about blind trust in institutions, but about verifiable trust that is built into the system itself.

Global cooperation

Data does not stop at borders. This should also apply to our solutions.

Health data should be as mobile as we are. People move to other countries for work, study or health reasons, but their health data often remains trapped in national systems.

If we want true data ownership, we need international cooperation: common standards, mutual recognition of digital identities and coordinated data rights. This is not just a technical challenge. As with all major problems, from climate change to the well-being of humanity, it is a question of political will and global coordination. Without this, we are building isolated solutions in an interconnected world.

Why this is important now

The future of medicine is predictive, personalized and preventive. However, all of this is ineffective if the data is scattered, isolated or misused.

As patients, we are becoming better informed, more digital and more connected. But we are also more vulnerable to a system that is not designed to provide us with holistic care.

Health should not feel like a labyrinth. We deserve clarity. Personal responsibility. Simplicity.

In a world where we can control smart homes, digital wallets and even autonomous cars, it shouldn’t be too much to ask to control our own health data too.

The technology is there. The framework conditions are in place. And the time is now.

Mirela Dimofte

Read also: Electronic patient file: Basel-Stadt tries again