Europe's Health Care AI Revolution: A Q&A with Ken Mandl on Building an Interoperable Digital Infrastructure

The rise of AI promises breakthroughs – from predictive analytics to personalized medicine – but realizing this potential depends on something more basic: a digital infrastructure that lets health data flow freely and securely.

Policymakers and business leaders across Europe increasingly recognize that health data interoperability – the seamless, secure exchange of health information across diverse IT systems – is no longer a luxury; it's an urgent necessity for patient care, research, public health, and policy. Without a robust digital infrastructure, even the most advanced algorithms are starved of the information that they need to inform decisions.

To learn more about this topic, Analysis Group Principal Jimmy Royer sat down with Harvard Professor Ken Mandl, who directs the Computational Health Informatics Program at Boston Children's Hospital. In their conversation, Drs. Royer and Mandl examine health care systems’ need for interoperable digital infrastructures across the EU and discuss how stakeholders can leverage health care data expertise to capitalize on the AI revolution while promoting patient sovereignty, privacy, and security.

Why is health data interoperability so important to health care research, innovation, and policy?

Interoperability is foundational to a modern, AI-driven health care system. It ensures that each individual's health data can flow securely across providers, clinics, and applications, empowering patients and clinicians with complete medical histories. Interoperability also enables authorized organizations to efficiently exchange large-scale, population-level datasets critical for health care quality improvement, public health monitoring, medical research, and AI model development. Fragmented data can drive up costs by leading providers to order extraneous tests and delay treatment for preventable complications. Robust interoperability addresses this by ensuring that every clinician, patient, researcher, health care organization, industry innovator, and policymaker has reliable access to comprehensive data to inform decisions on breakthrough innovations and the development and deployment of advanced AI solutions.

What is the current state of health data interoperability in the US?

Over the past decade, the US has made significant strides in health data interoperability. As of late 2022, federal regulations require that every major electronic health record (EHR) system include standardized data-sharing interfaces. All certified EHR systems now support two open “application programming interfaces” (APIs): one for individual patient data access and one for bulk, population-level data exports. These APIs give access to a core subset of health data in a uniform format and are a tech industry standard for interpretation between computer systems.

This public API mandate has transformed the landscape. Millions of Americans can now use third-party health apps, like Apple's Health app, to download their medical records electronically from different providers in one place. Health care organizations and researchers can gather large datasets for analytics, population health, and AI model training, resulting in a growing ecosystem of interoperable tools. Innovative care management apps, clinical decision support systems, and AI-driven services have flourished because they can now connect to any EHR system that adheres to federal requirements.

 

What strategies helped the US make progress on interoperability?

The US pursued a multifaceted strategy blending policy, technology R&D, and industry collaboration. Government action was crucial in setting the rules. The 21st Century Cures Act and subsequent regulations put teeth into interoperability: EHR vendors would lose certification if they didn't implement standard APIs or if they "information blocked" by refusing to share data. This shifted the industry mindset by making data accessibility the default expectation. In addition, health care providers were required to use certified health IT and were also prohibited from information blocking.

Publicly funded R&D and open standards development were also essential. Researchers with the Substitutable Medical Applications Reusable Technologies (SMART) Health IT project created an open API and demonstrated it in real hospital environments. Using a standardized data format and ensuring specifications were openly licensed created vendor-agnostic standards that enabled widespread adoption.

Moreover, market drivers played an important role. The entrance of consumer tech firms like Apple and Google signaled demand for interoperable data, pressuring slow adopters to implement open APIs. In summary, US progress came from aligning policy with technology and business incentives.

What were the major barriers to interoperability in the US and how were they overcome?

The biggest barriers were not technical but economic and cultural. Dominant EHR vendors and large health systems had little incentive to enable data sharing. Keeping data siloed meant locking in customers. This entrenched resistance required strong regulatory intervention. The US government confronted information blocking by threatening penalties and firmly defining patients' legal rights to access their records.

Privacy and security concerns were addressed by building rigorous authorization and authentication protocols into the APIs and giving patients granular control over data access. Real-world experience has shown that standardized APIs can actually enhance privacy through more transparent auditing and patient-directed control. Technical challenges were overcome through investment in IT upgrades, workforce training, and communities of practice that helped solve implementation problems.

 

What lessons can EU policymakers take away from other international adopters of interoperability standards?

Research suggests that there is widespread use of data standardization for sharing health information across systems in national health care projects globally. However, implementation challenges – including inconsistent version alignment, limited regulatory enforcement, insufficient investment, and continued reliance on legacy systems – continue to hinder many countries’ progress toward truly interoperable digital health systems.

Several health systems outside of the US have emerged as the global leaders in health data interoperability and offer valuable lessons for those in the EU. For example, the UK's NHS [National Health Service] now heavily promotes a uniform standard for passing health care data between systems, which shows that – even in a single-payer system – interoperability requires consistent standards and mandates.

In Israel, authorities enacted a groundbreaking 2024 law that puts patients in control of their health information and mandates seamless data exchange across all providers. Every patient in that country has the right to transfer their records between organizations at will, with data shared in standardized, computer-readable formats. Israel pairs openness with strong privacy through explicit patient consent and robust security requirements. And in Taiwan, a nationwide interoperability platform was launched to unify electronic records across hospitals. Taiwan is also creating an "AI app store" ecosystem for health care, where certified AI tools can easily plug into clinical workflows.

How have these lessons been applied within the EU?

The EU's diverse health data landscape presents challenges and opportunities. Like the UK, Israel, and Taiwan, it aims to set a common interoperability baseline across all countries. It enacted the European Health Data Space (EHDS) regulation in March 2025, which requires interoperability and security for EHR systems and makes key categories of health data available in a common European format. Indeed, Europe is already joining a broader global movement by adopting the International Patient Summary (IPS) – a compact, standardized snapshot of essential patient data designed for cross-border, unplanned care.

While IPS is an international standard, European countries are implementing it through EU-wide patient summary guidelines in coordination with HL7 Europe, a nonprofit established to promote health care interoperability in Europe. These efforts leverage standardized patient data profiles to support reliable, interoperable cross-border summary exchange across member states.

Going forward, by investing in pilot projects and sandbox environments (i.e., controlled, isolated environments used for testing, experimentation, and development without affecting the production systems or data) to test interoperability solutions, EU policymakers can demonstrate quick wins and build momentum. Thus, they can create a fertile ground for AI-driven health care innovation while respecting Europe's core values.

How can EU health care leaders advance interoperability objectives within their individual hospitals and organizations?

While policies are being developed, health care leaders can proactively collaborate with IT vendors to implement (or, if they are already built in, activate) open APIs directly within their existing EHR systems. By prioritizing these capabilities in new IT investments, hospitals and health care organizations can future-proof their infrastructure and maximize long-term returns.

Second, health care leaders can develop a culture of data sharing and patient access to facilitate medical record access for patients and their providers. When introducing new digital services or AI tools, they can choose those that use open APIs. Leaders can also proactively ensure that their data governance policies meet current and upcoming data access and privacy rules.

Third, leaders can invest in capacity-building for data and AI: train health IT staff on modern API usage and security, equip data analytics teams to handle the influx of richer data, and develop or acquire AI applications that can leverage comprehensive patient data.

Finally, health care leaders can foster collaboration rather than competition over data. Health care is not a zero-sum game; when hospitals share data with patient consent, patients win and the overall system gains knowledge. Organizations that can seamlessly plug into Europe's emerging health data space will be the first to deploy powerful AI-driven solutions at scale. ■