Survey by Data Protection Officers: No trust in the ePA without security
Many people are not well-informed about the electronic patient record. This is according to a survey by the Federal Data Protection Commissioner.
(Image: olgsera/Shutterstock.com)
A current survey by the Federal Commissioner for Data Protection and Freedom of Information (BfDI), Prof. Louisa Specht-Riemenschneider, among around 1500 statutory insured individuals shows high awareness but low active use of the electronic patient record (ePA). While 95 percent of the statutory insured are familiar with the ePA at least by name, only 12 percent actively use it so far.
Since January 2025, an ePA has been automatically created for all statutory insured individuals, unless they have actively objected. According to the dashboard of Gematik, responsible for digitalization in healthcare, around 4 million people currently have a HealthID necessary for using the ePA.
Concerns about data protection
Seven percent of respondents have exercised their right to object. 55 percent of them cite concerns about data protection and data security as the decisive reason. According to the BfDI's data barometer, 42 percent of respondents plan to actively use the ePA in the next six months, half want to do nothing further, three percent are undecided, and five percent still want to object. According to BfDI calculations, “85 percent of the statutory insured surveyed want to keep their ePA.”
“There is great interest in the ePA. This allows it to truly achieve its purpose of improving healthcare. The main reason for objecting to the creation of the ePA is security concerns. If you want to bring people along, it is therefore essential to close security gaps as quickly and as well as possible. Only then can deep trust in the ePA be established,” says Specht-Riemenschneider.
Videos by heise
Significant knowledge gaps among insured people
The survey also reveals significant knowledge gaps. 43 percent of respondents mistakenly believe that the ePA is only created after registration and app installation. Only 36 percent know that they can delete documents from their records themselves. However, most are aware that employers cannot view the ePA (88 percent), and 60 percent know that using the ePA is not mandatory. Even before the rollout of the “ePA for all,” the information policy was criticized. The survey shows that at least 11 percent did not receive the information letter from their health insurance companies; three percent do not know. The information campaign “ePA? Na sicher!” (ePA? Of course!) launched by the Federal Ministry of Health in early December was recently described as an advertising campaign.
Desire for self-determination
In addition to an easy-to-understand presentation of documents (93 percent), insured people also wish for a digital version of documents such as the vaccination pass (88 percent). There is also a strong desire for self-determined handling of one's own health data. 83 percent of respondents want extensive setting options for sharing their data. At the same time, they show a high willingness to share data. Around 70 percent would share important medical documents with all treating physicians, and 70 percent would also be willing to make pseudonymized data available for research.
“The functions and setting options for the ePA must be understandable and comprehensible for everyone,” says Specht-Riemenschneider. Fears that too many options could overwhelm users and limit functionality are unfounded, according to the data barometer results.
(mack)
