Electronic patient record: Those who object should not be disadvantaged

At the 129th Ärztetag, delegates called for cybersecurity, strengthened IT infrastructure and for more protection for patient data.

The delegates at the 129th Ärztetag 2025 passed several resolutions on electronic patient records; the IT security and availability of the telematics infrastructure should also be improved. According to the resolutions, patients should not be disadvantaged if they object to the electronic patient record. A prerequisite for the acceptance of the ePA (elektronische Patientenakte, electronic patient record) is that all parties involved "can trust in the security of sensitive data". In addition, the ePA must be implemented in a user-friendly way. Accessibility also leaves a lot to be desired.

Ban on the confiscation of medical data

In a further resolution, doctors are also calling for the existing ban on law enforcement authorities seizing medical data to continue to apply and to be expressly enshrined in law for the content of the electronic patient record (EPR). Until now, the protection against seizure has not applied to EPR data.

According to the proposed resolution, the background to the decision is the demands of the Conference of Justice Ministers to allow law enforcement authorities access to the electronic patient record. The doctors emphasize that this is the only way to maintain patients' trust in their doctors.

Due to the poor user-friendliness to date, the doctors are also calling on the federal government to implement adjustments to the electronic patient file "as quickly as possible". A "high level of security confirmed by the Federal Office for Information Security (BSI) is also essential".

Gematik must also "develop effective measures against possible attack scenarios". Once again, the doctors are calling for the rapid "implementation of the electronic narcotics prescription and the introduction of a full-text search within the ePA documents". Doctors have already called for this in the past.

Patients should be able to protect their data better

According to the German Medical Association (PDF), to protect sensitive data, billing data should "initially only be visible to insured persons so that they can assign specific access rights". With version 3.0 of the electronic patient file, fine-grained authorization management was abolished and is not to return, despite demands from various associations and data protection advocates. This also emerges from an answer (PDF) from the German government to a written question from Anne-Mieke Bremer (Die Linke), a member of the Bundestag. "An access restriction for individual treatment documents per service provider is not planned," it says.

Until now, all data has been automatically entered into the ePA, unless it is particularly critical. The doctors also demand that "medical findings [...] should only be made accessible to the patient after medical classification if therapeutic reasons require this". Furthermore, doctors should not be obliged to fill in the electronic health records of children and adolescents. The National Association of Statutory Health Insurance Physicians had already published a guideline on this.

As cyber attacks pose a growing threat to the healthcare sector and the protection of IT infrastructure can be improved, the doctors are calling for more resilience (PDF) for local and central systems. In particular, the availability and robustness of applications and services, especially the telematics infrastructure (TI), which regularly experiences disruptions, need to be improved. According to the doctors, more should also be done to ensure the security of local IT systems.

It is equally important that employees know how to use these systems securely. The management of hospitals, doctors' surgeries and other healthcare facilities should therefore ensure that their staff receive regular training. One-sided dependencies on services from external (cloud) providers should also be considered and "threat detection mechanisms" should be established.

As part of the hospital reform, the resilience of hospitals is to be significantly improved. In addition to investments in cybersecurity, "reserve capacities of critical care structures and specialized care areas should also be planned and implemented". To this end, the doctors are calling for sufficient funds to be made available from the planned special funds.

(mack)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.