Swiss Non-Profit Foundation · Registered October 2025
Your health data belongs to you.
Health Data Safe is a Swiss non-profit foundation that lets anyone gather, read and share their health data, for their own care and for research.
For every type of health data
Explore by role:
Why it matters to you
Your health data exists. You just can't use it.
Thousands of records about your body are scattered across systems you have never seen. The data is there. The access is not.
Thousands
of records about your body, held in systems you cannot access
Every GP visit generates notes, orders, and a prescription. Specialists add reports. Your dentist, your optometrist, your pharmacy, each holds a different slice. A fitness tracker logs your heart rate every few seconds, silently syncing to servers you have never visited. By mid-life, the sum of what is recorded about your health runs to thousands of entries, spread across dozens of disconnected platforms. Almost none of it is yours to see or use.
From scratch
, how every appointment with a new doctor begins
'Any allergies? Previous surgeries? What medications have you tried?' Every new specialist starts from zero. So do you — reconstructing your history from memory, under pressure, hoping nothing important slips. Studies show 40–80% of medical information provided by clinicians is forgotten immediately after a consultation — and half of what is remembered is incorrect. (Kessels, 2003) DOI 10.1258/jrsm.96.5.219 Repeated retellings and incomplete histories are a primary driver of diagnostic errors, which affect roughly 1 in 20 clinical encounters. (WHO, 2023) Source ↗
Zero
of the hundreds of health data systems were built to give you control
Hospitals built EHR systems for clinical workflow and billing. Pharmaceutical companies built databases for drug discovery. Governments built registries for population policy. You appear in every one of them — as an anonymised identifier — contributing data to decisions made without you. HDS is the only Swiss-law non-profit foundation built specifically to give you, not institutions, full legal ownership and control of your own health records.
The clinical reality
You're making decisions on incomplete data.
Every consultation is a reconstruction. Patients approximate their history from memory. Records are scattered across incompatible systems. Consent paperwork exists on paper that no one can audit at scale.
Dozens
of incompatible EHR systems coexist in a single country
Your hospital uses one system. The specialist down the street uses another. The fertility clinic uses a third. When a patient moves between providers, their data doesn't follow. You rebuild the picture from scratch, every time.
79%
of researchers say health data compliance has become more complex
GDPR, HIPAA, ethics committees, consent frameworks, building a clinical registry means months to years of legal groundwork before a single data point is collected. In Europe, more than half of research projects have been delayed by new privacy regulations. Many never get started. (Health Policy, 2024) PMC11443657 ↗
Paper
consent forms, still the standard
Consent obtained on paper cannot be audited at scale. Patients forget what they signed. Regulators increasingly require digital, revocable, granular consent, and most clinical workflows are nowhere near compliant.
The research bottleneck
You're spending more on lawyers than on science.
The health data that would unlock the next generation of treatments exists. But it's locked in commercial silos, ethically compromised, or impossible to access without years of compliance work and millions in legal costs.
47%
fewer research data permits approved in Europe after GDPR-era regulations
GDPR in Europe. HIPAA in the US. LPD in Switzerland. Ethics committees in every country. Separate consent frameworks per institution. In Finland — the first country to fully implement secondary-use health data rules — nearly half of expected research permits simply disappeared. Before you collect one data point, you've spent months to years on legal scaffolding — not science. (Health Policy, 2024) PMC11443657 ↗
0
high-quality, fully-consented women's health datasets exist today
Millions of women track their cycles with precision. But existing apps either don't collect complete cycle data, may use it against you for targeted advertising or even sell it to third parties, or lock it behind proprietary systems. Research-grade women's health data practically does not exist.
40–60%
of clinical trial budgets consumed by non-scientific costs
Administration, monitoring, and regulatory overhead now consume nearly half — or more — of every clinical study budget, leaving less for actual discovery. Recruiting patients who genuinely understand and sustain consent across borders and years remains nearly impossible through existing channels. (HHS/ASPE, 2014) Source ↗
The compliance tax
Great health app ideas die in the compliance phase.
You have a product idea that could genuinely improve how people manage their health. But before writing a line of product code, you face 12–18 months of GDPR architecture, consent management, audit logging, data sovereignty, and security certification.
12–18 mo
to build compliant consent management, in our direct experience
User consent for health data isn't a checkbox. It's a complex legal and technical system — granular, revocable at any time, with a full audit trail available to regulators on demand. Most engineering teams underestimate this by a factor of 10. (HDS internal experience — no published benchmark)
#1
most breached industry, healthcare, 15 years running
When health apps cut corners on security and compliance, real patients pay the price. Healthcare has been the most costly industry for data breaches for 15 consecutive years, averaging $9.77M per incident in 2024. (IBM, 2025) Source ↗ GDPR fines for health data violations run into the tens of millions. Regulators are watching, and patient trust — once lost — doesn't come back.
Most
health app ideas never reach users
The combination of regulatory complexity, patient distrust — after repeated scandals where health apps used data against users or sold it to third parties — and the cost of building proper data infrastructure stops most health app ideas before they ever reach users. (No published figure — community consensus)
The HDS approach
Think of us as a Swiss safety deposit box. For your health.
Only you hold the key, and that single fact changes everything about how your health data works.
The key is yours. Period.
No doctor, no researcher, no company can access your health data without your explicit, specific permission, every time. We are legally bound to enforce your rules. Not even HDS itself can access your data for any purpose you haven't approved.
Swiss law. Non-profit. Permanently.
HDS is a Swiss foundation, federally supervised and tax-exempt. Our founding statutes explicitly ban insurance companies from the platform, and permanently prohibit any sale of patient data. These aren't policies we can change, they're laws.
Consent you actually understand.
When a doctor or researcher requests access to your data, you receive a plain-language explanation of what they want and why. You approve or decline. You revoke access whenever you want. No dark patterns. No buried terms.
The HDS model for clinicians
You focus on medicine. We handle the compliance.
HDS acts as the data controller for your patients' health data. That single legal distinction changes everything: we carry the GDPR, LPD, and consent management burden so you can focus on care, not legal architecture.
“I trust HDS to comply with all legal and regulatory requirements, which represents a colossal task. This allows me to focus on the scientific dimension.”
We are the data controller. You are the processor.
This legal separation is everything. You access only the data your patients have explicitly authorized you to see. HDS enforces the consent rules, logs every access, timestamps every action, makes the full audit trail available on demand.
Integrate with what you already use.
Connect your existing clinical tools to HDS via API. The platform is designed for interoperability, connecting to patient devices (Mira, Tempdrop, Oura), lab systems, and existing EMR platforms via HL7 FHIR.
The HDS model for research
The non-profit CRO, with patients who actually own their data.
HDS operates as what our founders call 'the non-profit mirror of IQVIA', a clinical research infrastructure with one essential difference: we are permanently, legally bound to work in patients' interests. No commercial conflict. No data sold. Ever.
Active, informed consent, legally traceable.
Every participant has explicitly opted in, in plain language, understanding exactly what their data will be used for. Consent chains are fully audited and traceable. No grey areas, no retroactive consent requests.
Research-grade data, coded to standard.
HDS's data model covers 92 health data point types, coded to SNOMED-CT, RxNorm, FHIR, and WHO ATC. Your team doesn't clean the data, it arrives structured and analysis-ready.
Governance by citizens and ethics committees.
Data access is governed by independent ethics committees and citizen boards. This is not a formality, it's the mechanism that makes your research legally publishable and internationally reproducible.
Build on HDS
The open-source health data infrastructure you don't have to build.
HDS is built on Pryv.io, 10 years of Swiss-made health data infrastructure, now fully open-source (BSD-3-Clause) and recognized by the UN as a Digital Public Good. Consent management, audit logging, access control, data sovereignty: pre-built. You focus on your product.
Open source. UN-certified.
hds-server-pryv is BSD-3-Clause licensed and recognized by the UN Digital Public Good Alliance. Fully auditable, self-hostable in multiple configurations. No vendor lock-in. You own your deployment.
You're the data processor. HDS holds the controller role.
This is the key legal distinction. HDS carries the data controller obligations, GDPR, LPD, consent framework, regulatory compliance. You access authorized data via API. Clean separation. Clear liability.
Health data model: pre-built.
92 standardized health event types coded to SNOMED-CT, ICF, EQ-5D, and FHIR. A complete health ontology you don't have to design. Deploy hds-lib-js as a dependency and start building immediately.
What you get
Your health, finally in one place.
Your complete health record, in one place
One secure space for your entire health picture: lab results, medications, symptoms, wearable data, and more. Built for real people, not medical professionals. Access from your phone.
Never lose control of who sees your data
New doctor, new specialist, new app, every access request arrives as a plain-language message explaining exactly what is needed and why. You approve or decline with one tap. You revoke at any time. No surprises, no buried terms.
Finally understand what's driving your symptoms
Use your own data with the tools you choose, AI-powered analysis, personal health dashboards, or any new app you want to connect. Spot correlations between your cycle, medications, sleep, and symptoms. Your data, readable by you and the software you trust.
Speciality: feminine health data
HDS is building the most specialised open database for fertility awareness (FABM) data, a standardised model that makes raw data from different apps and methods truly interoperable. Already integrated: Mira, Cyclefeminin.net, FEMM. More on the way.
Help solve conditions that affect millions, on your terms
Your data could advance research on PCOS, endometriosis, chronic pain, and more. You see exactly who is asking, what they need, and why. You approve each request. You opt out at any time. Your contribution stays yours, it is never sold, never shared without your explicit consent.
Clinical tools
A complete picture, before the appointment starts.
Pre-consultation data collection
Invite patients via QR code or link. They receive structured forms in a familiar interface and fill them before their appointment. You receive structured, ready-to-use data.
Doctor dashboard
View multi-dimension patient data timelines — symptoms, medications, lab results, cycle data — in a dedicated clinical interface built for practitioners.
Auditable, revocable consent
Every data access is logged with timestamp, scope, and patient authorization. Patients revoke access at any time. The full audit trail is always available for regulatory review.
Registry and cohort building
Build patient cohorts and clinical registries using HDS's consent infrastructure. You focus on the science. HDS manages compliance and ethical governance.
Research services
From cohort building to analysis-ready datasets.
Women's health datasets (first focus)
Access the first ethically-consented, complete-cycle women's health datasets, millions of high-precision fertility observations, coded and structured. A resource that doesn't exist anywhere else.
CRO-like registry services
Patient recruitment, consent management, registry design and maintenance, longitudinal follow-up, all GDPR/LPD/HIPAA compliant. HDS is the infrastructure; you are the scientist.
European Health Data Space ready
Designed for compliance with EHDS regulation. Research conducted through HDS can be published and reproduced across European and international jurisdictions.
Expand to new therapeutic areas
Starting with women's health, fertility, reproductive health, rare gynecological conditions. Current partnerships cover rare diseases. The platform is built to expand into any therapeutic domain.
Developer platform
Consent, APIs, and a health data model, ready to use.
hds-server-pryv
Core server: REST and Socket.io API, MongoDB backend, SSL/TLS, self-hostable. Three deployment configurations. Fully open source (BSD-3-Clause).
hds-lib-js
TypeScript SDK with consent flow templates (Manager, Collector, Invite, Client), stream auto-creation, Pryv + Socket.io + Monitor integration. Build faster.
Datasets API
51,000+ medication, treatment, and procedure records cross-referenced across WHO ATC, RxNorm, and SNOMED-CT. FHIR-compatible responses. Ready to power drug autocomplete in any health form.
model.datasafe.dev
92 health data point definitions, 12 hierarchical streams, 39 custom event type schemas, multi-language labels. The health ontology as a shared dependency, not something you invent.
The Foundation
Swiss. Independent. Non-profit.
Health Data Safe is a Swiss foundation under Swiss Law, governed by an independent board. Our mission is enshrined: health data is a common good, and we exist to protect and unlock it, with no commercial agenda.
Why we ask
Health data is a common good. We don't sell it.
Every major health data platform generates revenue from patient information, by selling it to advertisers, or by charging researchers for access to data they didn't produce. HDS was built on a different premise: health data belongs to the people it describes, and the infrastructure to protect it should exist outside of market incentives.
That means we carry no revenue from data, no investors expecting a return. What we carry instead is a founding obligation, to build and maintain this technology as a shared resource, not a commercial product. To do that, we rely on donations from people and organisations who share this belief.
Support Health Data Safe →