Electronic patient files: Lauterbach raves about e-files – and emphasizes their security

Shortly before the launch of the electronic patient record (ePA), Federal Health Minister Karl Lauterbach (SPD) emphasized its advantages and, above all, security. “Citizens’ data is safe from hackers,” said Lauterbach at a presentation of the ePA in a doctor’s office in Cologne, referring to recent warnings from IT experts.

From January 15, 2025, the ePA will be tested in practice in a four-week pilot phase in North Rhine-Westphalia, Franconia (Bavaria) and Hamburg. The practices and hospitals outside the model regions will only be connected after the pilot phase has been completed and will only then be able to fill the ePA with documents.

According to Lauterbach, this nationwide connection should take place between February and April under the supervision of the current federal government. More than 70 million e-files are expected.

IT experts warn of security gaps

The Chaos Computer Club, a group of digital security researchers, announced at the end of December that the ePA’s digital infrastructure had glaring security gaps and could therefore be hacked. The IT specialists warned that the data of more than 70 million insured people could be at risk.

The national agency for digital medicine “Gematik” announced that it was taking these information very seriously. The attack scenarios outlined are technically possible, but unlikely in practice. Technical security is continually checked. Lauterbach said: “The electronic patient file will not go online if there is even a residual risk of a major hacker attack.” But that is not to be feared.

There are still technical “little things” that need to be solved, he admitted. They have already been solved for the pilot region and should now also be solved nationwide. We are also in contact with the Chaos Computer Club and the Federal Office for Information Security. “We will get the green light from this Federal Office when we have implemented the points that we have now agreed on,” said Lauterbach.

E-file is supposed to save the lives of “tens of thousands”.

“The ePA brings enormous advantages for the patient,” said Lauterbach. The medication is significantly safer. “We will be able to save the lives of tens of thousands of people as soon as we introduce it.” The treatment is simply better and more comfortable in the long term because the doctors have all the data and can thus optimize the treatment.

For all those with statutory health insurance, an e-file should be created by their health insurance company – unless you reject it for yourself. It should also be possible to delete a file once it has been created. It is intended to be a digital storage device for findings, laboratory values ​​and information on medications and to accompany patients throughout their lives.

According to a survey, the patient files started with broad general approval. Almost four out of five people (79 percent) consider it very useful or somewhat useful, as the survey by the opinion research institute YouGov on behalf of the German Press Agency showed.

E-file can also be connected to AI

In practice, the ePA runs via a smartphone app from the respective health insurance company. Insured persons can use this to store documents in the file themselves, for example scanning and uploading findings or old laboratory results. You can also create self-administered diaries with blood pressure measurements. When you visit the doctor, the doctor fills the file with findings on current treatments using his practice computer.

The health insurance companies also upload to the file which services they have been billed for. This makes it clear in black and white when a doctor was visited, what diagnosis was made there or which medication was prescribed and when. This could also be helpful when moving, for example: a new doctor would have insight into the patient’s medical history, for example their previous illnesses.

According to Lauterbach, patients will later be able to use the e-file in conjunction with artificial intelligence and, for example, have clinical pictures explained to them or receive information about diagnoses and treatments. “This is a type of medicine that has certainly not been imagined yet,” emphasized Lauterbach.

Documents can be hidden or deleted

In the app, insured people should be able to determine for themselves which document is visible to whom. A document in the e-record is either marked as released to everyone who has access via the insurance card insertion, or it is released only to certain doctors or marked as blocked so that only the patient can see it.

“You can view, insert, delete or hide content, grant or restrict access rights and file objections at any time,” says the consumer advice centers.

People who are afraid of technology can appoint a person they trust

Transparency and greater information from patients are also often listed as advantages because they get an overview of their own health data. The data could also make it easier to obtain second opinions or ask more specific questions from the doctor. It is also stated that duplicate examinations could be avoided.

There is criticism that controlling the file via a smartphone app could deter older people or people who are not very tech-savvy. In such a case, those affected can appoint a trustworthy person who will take care of the technical support of the file for them. Regardless of this, if the file is not contradicted, it exists without any action on your part and is then mainly filled out by treating doctors.