Lauterbach on the ePA: "Patient file makes the patient the master of their data"

Contents

The electronic patient file makes patients “masters of their own data”, explained Federal Health Minister Karl Lauterbach at the Federal Press Conference. Patients should “finally see all the medical data that is collected about them”. According to Lauterbach, health insurance companies should not be allowed to see this data.

He once again described the ePA as “the biggest digitization project in the history of Germany”, for which billions have already been wasted. The country is “lagging behind in many areas” when it comes to digitalization. He described today's launch of the ePA as a leap forward. “We have already introduced the electronic prescription”, said Lauterbach, “[...] significantly expanded the certificate of incapacity for work, the electronic organ donation register and telemedicine”.

With the ePA, Germany is “right at the forefront” in Europe and will “change medicine” and usher in a “new era”. The data set is also unique. When asked what OpenAI, Google and co. are lining up for, Lauterbach replied that there are no concrete plans. He added that he was also in contact with German AI companies such as Aleph Alpha. “The data will never be analyzed by companies, but by scientists,” Lauterbach assured. Research by data companies is not planned.

ePA for medication safety

With the ePA and the electronic medication list, medication incompatibilities should be a thing of the past, “which currently cost the lives of tens of thousands of people every year. The introduction of the ePA for all alone will save the lives of tens of thousands of people every year by eliminating the incompatibility of medicines,” promised Lauterbach. Especially in difficult medical cases, such as a chronically ill patient, it is the exception that all information is available.

According to Lauterbach, all findings are visible with the ePA, the patient can then be treated telemedically and receive the medication directly at home without having to go to the practice. However, Lauterbach did not mention that this would require the abolition of quarterly flat rates. With the help of AI, patients can also have treatment results, laboratory values and examinations explained to them. The advantage here is “the grace of the late birth of the ePA”. AI designs could be considered and implemented right from the start.

TK boss: Nobody knows what medication they are taking

According to the head of Techniker Krankenkasse, Jens Baas, the ePA is a milestone for everyone involved in the healthcare system – first and foremost for patients. “And when people ask me, do we need something like this at all, I can only ask back who of you could now write down completely when you were ill, what medication you take, when you were in hospital? Nobody!” Baas is certain. According to Baas, functionality is relevant for the success of the ePA, as is integration into the doctor's software.

IT security around the electronic patient file is just as relevant, he says, “And I wouldn't put my hand in the fire that such a file is one hundred percent secure. On the contrary, it will never be one hundred percent secure,” says Baas. However, it must be so secure that the benefits far outweigh the risks. Nevertheless, the analog world is anything but secure. “Anyone can break into a doctor's surgery, I don't have to be a special hacker to do that. Anyone can bribe someone, a doctor, or health insurance company employee. I can intercept a fax in a fax machine somewhere, which is somewhere. We have to get into the habit of weighing up the risks and benefits in the digital world too,” explained Baas.

As secure as possible

According to Klaus Reinhardt, the patient file must be as secure as possible. The issue of security is currently being taken seriously. “This is also important for us because medical confidentiality, professional secrecy and the obligation to maintain confidentiality are key features of our ethical code”. It is equally important that the ePA actually offers added value. The launch would be closely monitored. It is important that everyone has the opportunity to make suggestions for improvement.

According to Florian Fuhrmann, the health insurance companies are currently in the process of creating around 70 million patient files for all those with statutory health insurance – except for those who have objected. The practicality of the system is being tested in around “300 practices, pharmacies and hospitals. However, we are also checking the technical stability of the system and ensuring that it does not interfere with other telematics infrastructure applications such as the e-prescription,” explained Fuhrmann.

“The security of the EPO for everyone is our top priority. This applies to all security problems that we have been able to analyze so far [...] and also applies, for example, to the security concerns raised by the Chaos Computer Club,” assures Lauterbach. The company is in close contact with the CCC, to which all those involved say they are grateful, and additional security measures are being implemented.

Lauterbach: contradictions more pronounced in Eastern Germany

On average, around 5 percent have objected to the electronic patient file. Baas described the small number of objections as a positive signal for the acceptance of the EPR. Critics are certain that the low number of objections can be explained by the fact that the insured were not sufficiently informed about the ePA. Lauterbach added that the number of objections in Eastern Germany was significantly higher than in the rest of Germany.

One of the two file systems on which the insured persons' data is to be storedwas only recently approved. This currently affects 25 million insured persons, and the second file system could soon also be approved. All people with statutory health insurance are supposed to receive an electronic patient file by February 15. If the test phase yields positive results, the ePA is to be rolled out nationwide. At the end of December, security researchers demonstrated known and new security gaps in the electronic patient file at the 38th Chaos Communication Congress. As a result, Lauterbach stated that they only wanted to start when the ePA no longer posed a security risk.

(mack)