heise PlusAbo
Anzeige

Digital Health: The Patient is Multi-Dependent

In digital healthcare, dependence on providers from outside Europe is currently high. Is this threatening to get out of control?

listen Print view
A woman looks at a 3D Where's Wally picture, which includes a naked body among other things

(Image: metamorworks/Shutterstock.com)

7 min. read
By
Contents

The initial situation is complex: While the current chip crisis around Nexperia doesn't seem to affect medical device manufacturers in the short term, this industry is also reminded of its dependence. Above all, one hardware aspect worries the German Association of Medical Technology (BVMed): Should there be another chip shortage situation, "more transparency" is needed in the distribution of available chips: "In Germany, for example, an agreement between the Federal Ministry of Health and the Federal Ministry of Economics could be conceivable to achieve preferential allocation of semiconductors to the healthcare sector," explains BVMed spokesperson Manfred Beeres, outlining his association's ideas. This is just one aspect that needs to be considered on the path to greater digital sovereignty from non-EU states – and given the current disputes between China, the USA, and the EU, it is not an easy one.

While the EU can only watch in a Sino-American trade war, the Nexperia episode has once again brought the close supply chain entanglement between companies in the EU and the People's Republic to the fore. One problem: Medical technology is one of Europe's most important export successes, including to the USA. This puts the EU in a double dependency: on chips and integrated components from China on the one hand, and on its largest sales market across the Atlantic on the other.

Furthermore, providers from the USA are pushing into the digital EU healthcare market. Considering political desires, new dependencies are currently being created here. And this at a time when these are politically considered sensitive. However, much remains unclear – for example, when it comes to operating the electronic patient record.

Read also

"If, according to their own statements, the Federal Ministry of Health has no knowledge of the contracts between the ePA operating companies IBM and Rise, that does not build trust among doctors," says Silke LĂĽder, deputy federal chairwoman of the Freie Ă„rzteschaft. Data security experts like Manuel Atug from AG Kritis or former data protection officer Ulrich Kelber see it similarly. After both the Federal Office for Information Security and the Federal Commissioner for Data Protection and Information Freedom have been stripped of their veto power, trust in those involved is paramount.

Videos by heise

But is a structural trust in operators in times of zero-trust approaches still contemporary? In any case, the Ministry of Health sees no problems with the security of the electronic patient record; according to the response to the minor inquiry, "extensive technical and organizational security measures have been implemented. The data of the ePA are always stored encrypted on servers in the Federal Republic of Germany and cannot be read by unauthorized individuals without the insured person's key."

A spokesperson for the Federal Ministry of Health explains in response to an inquiry from heise online: The "keys for accessing an insured person's ePA are located in a Hardware Security Module (HSM) or in the virtual execution environment (VAU) at the ePA operator" in a secure environment. Here, "only the software itself has access, but not the operator."

Plenty of loose ends

In particular, new issues could arise from the interaction of the many dependencies in the healthcare system and the forced interlocking of the systems. This is because not only the billing data of health insurance companies, data from practice management systems, and data from the ePA of statutory insured people are to be linked. Also, data from hospital information systems are to be more strongly integrated.

After the discontinuation of SAP's hospital software, the remaining competitors are vying for market shares, and US companies are also involved. This is causing movement in a profitable market characterized by acquisitions and new and all EU providers such as Avelios, Dedalus, CGM, and Meierhofer. For the often financially struggling German hospitals, the introduction of the ePA comes in the midst of an already difficult time. So far, about half of the hospitals have been able to test the ePA.

There are persistent doubts whether data security is truly guaranteed with so many different software and hardware solutions, and whether the requirements of the telematics infrastructure are even sufficient for this.

Patient protection before data flow

Dentist Annette Apel is taking a very consistent approach. "We work a lot manually," she explained a few days ago at an event of the Interessengemeinschaft Medizin (IG Med) in Berlin. She sees her refusal to digitize as part of her patient care. Even with a seemingly harmless treatment, highly personal questions sometimes play a role and must be documented, such as fears or financial aspects if co-payments are necessary.

For example, X-rays are not automatically passed on digitally, Apel explains. Her practice is, as far as possible, offline. She consistently does not transmit findings via the internet, and the legal regulations do not oblige her to do so. She herself receives less criticism for this, but her patients are harassed when she gives them printed findings. Medical confidentiality can be maintained if digital possibilities are used in such a way that doctors secure them themselves, according to Apel.

The costs she incurs due to sanctions for not being connected to the telematics infrastructure are lower than the costs and necessary double structures associated with the TI. However, such considerations must not lead to the failure of healthcare digitalization and patients continuing to rely on printed documents.

The numerous open questions regarding responsibilities, security of supply, and actual digital sovereignty show that there is a lack of a clear political line on how deeply and in which direction healthcare digitalization should be steered. At the latest, this brings the national digital strategy into focus – and its update is long overdue.

Digitalization Strategy: Update Urgently Needed

For the already announced update of the digitalization strategy by Federal Health Minister Nina Warken (CDU), another aspect is pressing: to create clarity on the extent to which digitalization should also place a stronger focus on EU solutions. Only in June, the EU Commission decided that Chinese medical device suppliers would be excluded from public tenders above a procurement value of 5 million euros – a reciprocal decision after China had strategically closed off its market. Such measures could certainly be conceivable in the course of further trade disputes – in all directions.

However, what this means for availability in the German healthcare system is currently unclear. The fact that partial failures of the telematics infrastructure for e-prescriptions and electronic patient records occurred almost simultaneously with the Amazon outage could be a warning shot.

(nen)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten