Toward a Federated Learning Architecture for the European Health Data Space: Integrating IDSA Data Space Principles and Data Mesh Governance
Fabio Liberti
University of the Italian Chambers of Commerce -- Universitas Mercatorum, Rome, Italy
fabio.liberti@studenti.unimercatorum.it
This repository contains the extended abstract and supporting materials for the paper submitted to ICID-2026 -- 4th International Conference for Information Systems and Design (Ulaanbaatar, Mongolia, May 15--17, 2026), published in Springer LNCS/CCIS proceedings (SCOPUS-indexed).
The paper proposes a three-layered reference architecture for deploying federated learning within the European Health Data Space (EHDS), established by Regulation (EU) 2025/327. The architecture integrates IDSA Reference Architecture Model standards, Data Mesh governance principles, and hierarchical federated learning to enable privacy-preserving, cross-border health AI while ensuring full regulatory compliance.
 |
 |
| Fig. 1. Research overview: EHDS context, proposed architecture, evaluation scenario, and expected contributions. | Fig. 2. Reference architecture for EHDS-compliant federated learning with IDSA RAM and Data Mesh governance. |
The EHDS regulation entered into force on 26 March 2025, establishing a decentralized infrastructure for the secondary use of health data across EU member states. While the regulation mandates Secure Processing Environments (SPEs), Health Data Access Bodies (HDABs), and the HealthData@EU cross-border platform, the architectural integration of privacy-enhancing technologies -- particularly federated learning -- remains largely unaddressed in the literature.
Research question. How can federated learning be architecturally integrated within the EHDS framework by leveraging European data space standards and federated data governance?
Methodology. Design Science Research (Hevner et al., 2004). The artifact type is a model -- a conceptual representation that aids understanding and solving the problem of EHDS-compliant FL deployment.
The architecture is organised into three layers, each mapping to a distinct concern and set of EHDS regulatory provisions:
| Layer | Paradigm | EHDS Role | Key Components |
|---|---|---|---|
| Data Space Infrastructure | IDSA RAM + Dataspace Protocol (DSP 1.0.0) | Trusted cross-border data exchange; policy enforcement and identity management (Art. 50, 75) | IDSA Connector (EDC), Federated Catalog, Decentralized Claims Protocol, SPE integration |
| Federated Data Governance | Data Mesh | Domain ownership by national HDABs; data-as-product with quality contracts (Art. 55--58) | HDABs as domain owners, Health DCAT-AP, HL7 FHIR interoperability |
| Privacy-Preserving Computation | Hierarchical FL | Distributed AI training: local, national (HDAB), European (HealthData@EU) | Cross-silo FL, Hierarchical FedAvg, additive secret sharing, differential privacy budgets, audit logging |
Core design principle. Data sovereignty by design -- patient data never leaves the originating domain; only model parameters, governed as data assets, traverse the network.
The paper addresses a gap at the intersection of three research streams:
| Reference | Contribution | Limitation |
|---|---|---|
| van Drumpt et al. (2025), Frontiers in Digital Health | Map PET challenges in the EHDS | No concrete architectural proposals |
| Frohlich et al. (2025), JMIR | Analyse FL deployment barriers in EU health data | Do not integrate IDSA or data space standards |
| Winter et al. (2025), Stud Health Technol Inform | Model the EHDS as enterprise architecture (3LGM2) | Omit privacy-preserving computation entirely |
No existing work bridges all three dimensions -- data space interoperability, federated data governance, and federated learning computation -- within the EHDS regulatory framework.
The architecture is evaluated through a cross-border pharmacovigilance scenario, anchored to the European Medicines Agency's DARWIN EU network. A secondary scenario (rare disease cohort identification) is outlined to demonstrate generalisability.
Five DSR fitness criteria guide the evaluation:
- Regulatory compliance -- direct mapping of architecture components to EHDS articles.
- Interoperability -- compatibility with HL7 FHIR and Dataspace Protocol.
- Scalability -- from bilateral federations to 27 EU member states.
- Privacy preservation -- hierarchical differential privacy budgets at each governance tier.
- Auditability -- logging requirements under EHDS Art. 50.
- A reusable architectural blueprint for EHDS-ready federated learning systems.
- A novel theoretical integration of IDSA data space standards, Data Mesh governance, and hierarchical FL -- a combination not yet explored in the IS literature.
- Actionable design guidelines for Health Data Access Bodies preparing for EHDS compliance by 2029.
.
├── README.md # This file
├── ICID2026_Extended_Abstract_v0.2.4.tex # Abstract LaTeX source (Springer LNCS)
├── ICID2026_Extended_Abstract_v0.2.4.pdf # Compiled abstract (2 pages)
└── figures/
├── ICID_infografica.png # Research overview infographic
└── ICID_diagramma.png # Architecture diagram
LaTeX compilation. The .tex file compiles with pdflatex and requires the Springer LNCS document class (llncs.cls, available from the Springer LNCS template page):
pdflatex ICID2026_Extended_Abstract_v0.2.4.tex
pdflatex ICID2026_Extended_Abstract_v0.2.4.tex- Regulation (EU) 2025/327 on the European Health Data Space. OJ EU (2025). EUR-Lex
- IDSA Reference Architecture Model 4.0 / RAM 5. IDSA
- Eclipse Dataspace Working Group. Dataspace Protocol Specification 1.0.0 (2025). DSP Documentation
- Dehghani, Z. Data Mesh: Delivering Data-Driven Value at Scale. O'Reilly (2022).
- McMahan, B., et al. Communication-Efficient Learning from Decentralized Data. AISTATS (2017).
- Hevner, A.R., et al. Design Science in IS Research. MIS Quarterly 28(1), 75--105 (2004).
- EMA. DARWIN EU. EMA
ICID-2026 -- 4th International Conference for Information Systems and Design
Theme: Co-Creating the Future: Human-AI Teams Designing Tomorrow
Ulaanbaatar, Mongolia (hybrid) -- May 15--17, 2026
Proceedings: Springer LNCS/CCIS (SCOPUS-indexed)
Website: icid-conference.org
This work is submitted for academic peer review. All rights reserved by the author.