What is the electronic patient record?
The electronic patient record (ePA) is a kind of digital card index box that can be filled with all health-related data. This includes diagnoses, treatments, doctor’s letters, prescribed medications and vaccinations.
The digital storage enables you to view your health data yourself at any time. But with your consent, your family doctor, specialists, care facilities and pharmacists can do the same.
The big advantage: information that is important for your treatment can be taken into account, and duplicate examinations are avoided.
Statutory health insurers are obliged to offer the electronic patient file. But many private insurers also make them available to their clients.
What are the advantages of the electronic patient file?
By consolidating the most important patient data, the attending physicians have all relevant medical information about a patient at their fingertips. Even with new patients, the doctor has the entire medical history immediately at hand. They can thus make the right medical decisions quickly.
This is particularly important in emergency situations – for example, if a patient is unresponsive after an accident or has a pre-existing condition such as diabetes, kidney weakness (renal insufficiency) or heart disease. Here, the wrong medication can have serious consequences for health.
The electronic patient file also replaces the conventional doctor’s letter. It minimizes the risk of missing information or errors when a patient changes doctors or is referred to another specialist.
Your doctor can therefore use the ePA to evaluate your entire medical history more easily in order to find a suitable therapy. The electronic patient record also makes it easier to issue prescriptions.
What data is stored?
The following data can be stored in the electronic patient record:
- Findings
- Diagnoses
- @ Therapy measures
- Treatment reports
- Vaccinations
- Preventive medical checkups
- Dental treatment bonus booklet
Building on this, the electronic patient file is to be expanded step by step. Plans include electronic medication plans, electronic doctor’s letters, emergency data records and electronic pain diaries.
You decide who has access to certain data in your electronic patient file. Data should only be accessed in direct contact – for example, with specialists, the family doctor, or in the case of an e-prescription from a pharmacy – provided you grant the necessary authorizations.
You yourself also determine which documents and data are stored and for how long.
It is important to note that health insurance companies cannot view your electronic patient file. Conclusions that could have an impact on your insurance status or benefits are excluded.
How is the data protected?
Medical data is considered highly sensitive. The security of your data has therefore been given high priority in the development of the electronic patient file. The requirements for technology as well as authorization and encryption concepts are correspondingly high in order to protect your data from access by third parties.
Although this company is privately managed, it is financed by the GKV-Spitzenverband as the payer – in other words, by the members of the statutory health insurance funds. The main shareholder is the German Federal Ministry of Health (BMG), followed by the German Medical Association (BÄK) and other organizations in the German healthcare system.
Authorized authorization is verified by an e-health card terminal (two-key principle) – for example, doctors authenticate themselves with their electronic health professional card (eHBA). The quality of the encryption procedures used is regularly checked by the German Federal Office for Information Security (BSI).
What do critics say?
Critical voices point to the issue of data security. Sensitive data pooled and stored with a single provider could become targets of cyberattacks and pose a potential security risk.
Critics also discuss the so-called TI connectors, which doctors or clinics need to access patient data, as a possible security gap.
Will electronic patient records become mandatory?
However, an ePA is to be created automatically for every insured person at the end of 2024. The opt-out principle will then apply. This means that anyone who does not explicitly and actively object will be included. The processes for this have not yet been clarified. It is also not yet clear which data the ePA will then actually contain automatically.
However, you will be able to manage all the content of your electronic patient file yourself and also delete it completely or partially. This also applies to data that your doctors have uploaded. You can also decide for yourself which doctor you want to grant access to which document – for example, who receives information on mental illnesses and who does not. That way, you retain sovereignty over it.
How do I get an electronic patient file?
As a rule, you need registered access to the online area of your health insurance company, the app provided by your health insurance company (Google Play/Apple Store) and your electronic health card (eGK).
To activate access, you will also need a PIN, which you will receive from your health insurance provider. Your health insurer will tell you in detail how to apply and register.
Once the card is activated, you can access your data via special apps for your smartphone or tablet (ePA app). These apps are developed by the health insurers and made available in the app stores. Access via a desktop PC is not currently available.
The ePA apps for smartphone and tablet use two-factor authentication (2FA). This is a proof of identity that verifies your legitimacy through two different channels. It’s similar to online banking: an online access from your bank and an associated TAN number.
How does the electronic health record work?
Via your health insurance company’s app, you can use your smartphone or tablet to upload health-related data such as doctor’s reports, and soon also lists of medications or laboratory findings, to your electronic patient record. At your request, your doctor can also store relevant documents.
You can delete data that should no longer appear in your electronic patient record at any time, even if you did not upload it yourself.
Anonymous data for research
In the future, insured persons will be given the option of making data from their electronic patient file available to medical research. This also applies to research-based pharmaceutical companies in Germany. This data donation is voluntary and anonymous.
Conclusions about your person are excluded. Your individual medical history remains anonymous. However, by donating your data, you are making an important contribution to improving care and prevention in the German healthcare sector.
This so-called voluntary secondary use of your data enables, among others:
- uncover very rare side effects of a drug or treatment, as larger patient groups can be studied (> 100,000 participants)
- improved diagnosis of rare diseases
- a faster evaluation and increased safety in the development of new treatment options (e.g.: personalized medicine)
- early containment of pandemics
- targeted prevention measures
You can only access your electronic patient record directly via your own smartphone or tablet. However, you can also have your electronic patient record processed directly by your doctor’s office.
With your electronic health card and a PIN (provided by your health insurance), the doctor’s office can also manage your electronic patient record via its practice management system (PVS).
