Starting in 2025, nearly 90% of Germany’s population will have access to electronic patient records (ePA), barring opt-out choices. While the rollout faces delays, testing will start in select regions by mid-January 2025. Health insurance providers must create ePAs, but concerns about data security, patient confidentiality, and communication about its benefits persist. Users can manage access to their data, but the reliance on mobile apps may exclude some individuals. Health data will also be anonymized for research purposes.
The Introduction of Electronic Patient Records in Germany
Starting in 2025, approximately 90 percent of the German population will have access to an electronic patient record (ePA), unless they choose to opt-out. This digital record will serve as a comprehensive repository for essential health information, including X-rays, medical letters, and laboratory results.
Due to ongoing technical challenges, the rollout of the ePA will not commence as planned on January 1, 2025. Instead, testing will begin in select model regions on January 15, with a nationwide implementation anticipated by mid-February 2025.
Understanding the Electronic Patient Record System
Under new regulations, statutory health insurance providers are obligated to create an ePA for their members. Individuals who prefer not to participate must express their objections explicitly. However, there is a lack of clear communication regarding the advantages and disadvantages of the ePA.
Current promotional campaigns present an overly optimistic view of the ePA, while some experts at the Free Doctors Congress have criticized it as ‘banana software’ and raised concerns about compromising medical confidentiality.
Security and data protection are paramount. Professor Ulrich Kelber, a former Federal Data Protection Commissioner, has voiced significant concerns about the ePA’s implementation. Centralizing health data carries inherent risks, and while digital systems can function effectively, they are not infallible. Gematik asserts that high-security standards are in place, with data stored in German data centers and accessible only to patients and healthcare professionals. The Fraunhofer Institute for Secure Information Technology has approved the system after thorough evaluation.
It’s crucial to understand that once you activate your ePA and present your health card at a doctor’s office, a treatment context is established for 90 days, granting the practice full access to your ePA. For pharmacies, this access lasts three days. If you wish to restrict access, you must block specific information in advance. Additionally, the treatment context can be modified through an app.
The usability of the individual ePA applications remains uncertain, as there is no central app for the ePA. Users must engage with their ePA applications to maintain control over their data, preventing potential loss of privacy.
Digital health data is a valuable resource, and the Ministry of Health plans to utilize this information for research purposes. The data from the ePA will be anonymized before being sent to a research data center, where external parties can request access. While the intent to use health data for collective benefit is understandable, it is essential to ensure oversight. Individuals can opt-out of data usage for research through the ePA app or by contacting their health insurance ombudsman.
For those enrolled in statutory health insurance, it’s important to note that failing to object will automatically include you in the ePA system. Medical professionals have expressed concerns over potential legal implications as the ‘ePA for all’ may undermine the confidentiality that is traditionally upheld between doctors and patients.
The opt-out system is not favored by many, as it can lead to the majority of the population being included in the ePA without actively choosing to engage with the topic. An opt-in approach would ensure that only those who are informed and willing to participate are included.
Users retain the right to object at any time, even after their ePA has been created. If you feel uncomfortable or believe that you have lost control over your data, you can request deletion without facing treatment disadvantages. Should you later decide to utilize the ePA, rejoining is also an option.
The ePA primarily relies on smartphone applications, unlike the e-prescription system. Not everyone may be comfortable using mobile apps, and some citizens may find this technology overwhelming. While you do not need the ePA app to access your records, passive use means you will relinquish control over who can view your information, allowing all providers to access everything.
Several health insurance providers offer dedicated applications for the ePA, including AOK, Audi BKK, Barmer, hkk, IKK classic, Kaufmännische Krankenkasse, KNAPPSCHAFT, Mobil Krankenkasse, SBK, and Techniker.