Electronic patient record: What insured persons need to know about the "ePA for all".

The idea originated a quarter of a century ago: an electronic patient record (ePA) in which all information and data relevant to healthcare are stored for life. Several health ministers tried unsuccessfully for years to get the ePA up and running, wasting billions of euros in the process. It was only under the leadership of Karl Lauterbach (SPD), the health minister of the governing coalition, that a breakthrough was finally achieved. Now, the "ePA for all"—as the electronic record is advertised—can be used nationwide by all those with statutory health insurance in almost all doctors' offices, pharmacies, and gradually also in all hospitals. We answer the most important questions.
Who receives an ePA?
For several years now, people with statutory health insurance have been entitled to an electronic patient record (ePA) from their health insurer on request. This option was rarely used, partly because doctors and hospitals were under no legal obligation to populate the record. That has now changed. In addition, the insurer now creates the ePA as a matter of course, unless the insured person explicitly objects.
How do insured persons get access?
The electronic patient record (ePA) already exists technically and is being populated with data, unless an objection has been raised. To read and manage the information themselves, however, insured persons need access. Access is granted through a smartphone app or dedicated software on a standard PC. The insurers' apps carry different names, for instance "AOK Mein Leben" at AOK or "TK safe" at Techniker Krankenkasse. Anyone who does not want their own access but still wishes to manage their data can contact their insurer's ombudsman's office or designate a trusted person, who is then granted access.

How does registration work?
The steps vary from insurer to insurer. The central element is identity verification. First, the ePA app must be installed and opened. Then, depending on the insurer, the following options are available:
- Identity card with PIN: this requires an ID card with the online function activated, the corresponding PIN (delivered with the card; if the PIN letter has been lost, a new PIN can be requested from the citizens' office) and an NFC-enabled smartphone.
- Health insurance card with PIN: this requires an NFC-enabled health insurance card (recognizable by the symbol also used for contactless payments), the corresponding PIN and an NFC-enabled smartphone. If you do not have the PIN, there are three ways to obtain it. You can apply for it in person at a branch of your insurer. Alternatively, you can order it via the PostIdent procedure that is also used when opening bank accounts: with one click, a coupon is generated in the ePA app, which you present at a post office, where your ID is checked; the insurer then sends the PIN to your registered address. The third option is video identification: using the Nect Wallet app from the Hamburg-based software company of the same name, you can order the PIN from home.
After successful initial registration, the ePA app can be unlocked with a self-chosen PIN, a fingerprint or facial recognition.

What if you do not want an ePA?
Then you must file an objection with your health insurer. This can be done at any time. Anyone who already has access to their ePA can also trigger its deletion in the app. Note, however, that an objection or deletion permanently erases all stored information. The objection can likewise be withdrawn at any time; the record then starts out empty and is populated with new data from that point onward.
What data can be stored in the ePA?
In principle, all data relevant to your health. Even older medical records kept at home can be uploaded. The preferred format is PDF (maximum file size 25 megabytes; image files such as JPG are not permitted). You can upload them yourself or ask your insurer or a doctor's office to do so. Doctors' offices are not, however, obligated to upload older documents or findings, even ones that originate from that very practice.
Physicians and hospitals are generally obligated to store all treatment documents they create from now on, including laboratory and imaging results, doctor's letters, discharge summaries and surgical reports, in the patient's record. Health insurers contribute their billing data. In addition, a medication list is generated automatically from electronic prescriptions and contains all drugs prescribed that way. This is intended to make dangerous drug interactions detectable.
Who has access to the data?
All treating physicians generally have access to the ePA for 90 days after contact with the patient; for pharmacies the period is three days. The 90-day period can be extended in the ePA app, even indefinitely, or terminated at any time. Unlimited access is conceivable, for example, for the patient's own general practitioner. Insured persons can also exclude individual practices, therapists or other healthcare providers from access entirely. An excluded provider cannot tell whether it has been excluded or whether the patient simply has no ePA. Exclusions can only be made for specific institutions, never for whole sectors such as all pharmacies. Also worth knowing: the patient's own health insurer has no access to the ePA.
Can individual documents be hidden?
Yes. Individual documents can be hidden so that they are visible only to the patient. Outsiders cannot see that anything has been hidden. It is not possible, however, to block a document for one practice and release it for another. The fundamental principle is that the patient always retains control over their data. Anyone who does not want certain data to be included in their record must tell the practice immediately. For particularly sensitive data that could lead to stigmatization (HIV infections, abortions or mental illnesses), doctors are even obligated to point out this possibility to patients. Every action in the ePA is logged in detail, so insured persons can see when which institution did what.
What about the medication list?
The medication list is generated automatically from electronic prescriptions. It contains all prescribed medications and indicates whether a prescription was filled. The list can only be objected to as a whole, in which case it is deleted; individual medications cannot be removed. This makes sense, as the list must be complete for dangerous interactions to be detected. It is, however, now possible to hide the medication list from specific institutions, so that prescriptions for psychotropic drugs, for example, are not visible to everyone.
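The three paragraphs on access, hidden documents and the medication list describe an access model with several independent controls: a default time window per provider type (90 days for physicians, 3 days for pharmacies), extension or early termination by the patient, exclusion of whole institutions, per-document hiding, an all-or-nothing medication list that can nevertheless be hidden from chosen institutions, and a log of every action. The Python sketch below is an added example, not gematik's specification and not any insurer's app; it models those rules on constructed data (the provider names, document ids, medication names and dates are all made up). The security-relevant detail is in `view()`: an excluded provider, a provider whose window has lapsed and a patient who has no ePA at all receive the same empty answer, which is what makes an exclusion unobservable to the excluded practice.

```python
# Toy model of the ePA access rules described above. Added illustration only:
# not gematik's specification and not any insurer's app. All names and dates
# below are constructed.
from dataclasses import dataclass, field
from datetime import date, timedelta

# Default access windows from the text, counted from the last patient contact.
DEFAULT_WINDOW = {"doctor": timedelta(days=90), "pharmacy": timedelta(days=3)}

@dataclass
class Document:
    doc_id: str
    hidden: bool = False  # hidden documents are visible to the patient only

@dataclass
class Record:
    documents: dict = field(default_factory=dict)        # doc_id -> Document
    medication_list: list = field(default_factory=list)  # built from e-prescriptions
    last_contact: dict = field(default_factory=dict)     # provider -> date
    window: dict = field(default_factory=dict)           # provider -> timedelta, None = unlimited
    excluded: set = field(default_factory=set)           # providers blocked entirely
    med_list_hidden_from: set = field(default_factory=set)
    audit: list = field(default_factory=list)            # (date, actor, action, target)

def _log(rec, on, actor, action, target=""):
    rec.audit.append((on, actor, action, target))

def days_after(d, n):
    return d + timedelta(days=n)

def record_contact(rec, provider, on):
    """A treatment contact (re)starts the provider's access window."""
    rec.last_contact[provider] = on
    _log(rec, on, provider, "contact")

def set_window(rec, provider, on, days=None):
    """Patient lengthens a window; days=None means unlimited (e.g. the own GP)."""
    rec.window[provider] = None if days is None else timedelta(days=days)
    _log(rec, on, "patient", "set_window", f"{provider}:{days}")

def terminate_access(rec, provider, on):
    """Patient ends a window early; only a new contact reopens it."""
    rec.last_contact.pop(provider, None)
    rec.window.pop(provider, None)
    _log(rec, on, "patient", "terminate_access", provider)

def exclude_provider(rec, provider, on):
    rec.excluded.add(provider)
    _log(rec, on, "patient", "exclude", provider)

def hide_document(rec, doc_id, on):
    rec.documents[doc_id].hidden = True
    _log(rec, on, "patient", "hide_document", doc_id)

def hide_medication_list_from(rec, provider, on):
    rec.med_list_hidden_from.add(provider)
    _log(rec, on, "patient", "hide_medication_list", provider)

def object_to_medication_list(rec, on):
    """All-or-nothing: the list can only be removed as a whole."""
    rec.medication_list.clear()
    _log(rec, on, "patient", "object_medication_list")

def empty_view():
    return {"documents": [], "medications": []}

def view(rec, provider, kind, on):
    """What a provider of `kind` sees on date `on`. No record, an excluded
    provider and a lapsed window all yield the same empty view, so the provider
    cannot tell them apart; every attempt on an existing record is logged."""
    if rec is None:
        return empty_view()
    window = rec.window.get(provider, DEFAULT_WINDOW[kind])
    last = rec.last_contact.get(provider)
    allowed = (provider not in rec.excluded and last is not None
               and (window is None or on - last <= window))
    _log(rec, on, provider, "read" if allowed else "read_denied")
    if not allowed:
        return empty_view()
    docs = sorted(d.doc_id for d in rec.documents.values() if not d.hidden)
    meds = [] if provider in rec.med_list_hidden_from else list(rec.medication_list)
    return {"documents": docs, "medications": meds}

def demo():
    """Constructed scenario; returns the record and its start date."""
    rec = Record()
    rec.documents = {"lab-1": Document("lab-1"), "psych-1": Document("psych-1")}
    rec.medication_list = ["ibuprofen", "sertraline"]
    d0 = date(2025, 1, 10)
    for provider in ("gp", "ortho", "pharmacy-a"):
        record_contact(rec, provider, d0)
    set_window(rec, "gp", d0, days=None)         # own GP: unlimited access
    hide_document(rec, "psych-1", d0)            # visible to the patient only
    hide_medication_list_from(rec, "ortho", d0)  # ortho sees no medication list
    exclude_provider(rec, "old-practice", d0)    # blocked entirely
    return rec, d0

if __name__ == "__main__":
    rec, d0 = demo()
    print(view(rec, "ortho", "doctor", days_after(d0, 90)))  # lab-1 only, no medications
    print(view(rec, "ortho", "doctor", days_after(d0, 91)))  # empty: window lapsed
```

Boundary days are where a model like this is easiest to get wrong: with the comparison used in `view()`, day 90 after the last contact is still inside a 90-day window and day 91 is not, and the same holds for day 3 versus day 4 at a pharmacy. The audit list is the patient-side counterpart of the logging the text mentions; a denied attempt by an excluded practice shows up there even though the practice itself only ever sees an empty record.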

Will the data be used for research?
That is planned for next year. Data forwarded to the so-called research data center can then be used in pseudonymized form, on request, by the pharmaceutical industry among others. Only data from the ePA that can be reliably pseudonymized will be extracted; initially this will be the contents of the medication list. Anyone who does not want their health data used for research must object explicitly, either in full or for specific purposes. Once introduced, this objection will be possible in the ePA app, among other places.
Is the data secure against hacker attacks?
The data is stored encrypted on servers in Germany, and all transmission paths are likewise protected and encrypted. The Federal Office for Information Security (BSI), which is continuously involved in the development and implementation of the project, speaks of the highest security standards. "There is no such thing as 100% security," BSI President Claudia Plattner repeatedly emphasizes, adding that "everything humanly possible" is being done to secure the data in the ePA.