Dangers of the electronic patient file
From 2025, health insurers are to create an electronic file for every patient who does not expressly object. Guest author Andreas Heyer criticises this because he fears data misuse. There are already examples of this from abroad.
By Andreas Heyer.* So far, apparently only a few patients see any benefit in having their health and treatment data stored centrally on a server in an electronic patient record. Two years after the introduction of electronic patient records, only 595,000 insured persons had opted for this by the end of January 2023 – this corresponds to less than one percent of all insured persons.
From the federal government’s point of view, this is not enough to create a data set with health data of the insured that is as complete as possible and to make it available to institutions from public and commercial research for evaluation.
Therefore, the federal government plans to reverse the principle so that an electronic patient file is created for all insured persons who do not explicitly object.
At the end of June, the portal Netzpolitik published the draft bills of the Federal Ministry of Health on the Digital Act and the Health Data Usage Act. According to the draft of the Digital Act, from January 2025, statutory health insurers would be obliged to create electronic patient files (ePA) for all insured persons who have not expressly objected to this (a so-called opt-out regulation).
At the same time, according to the draft law, doctors, psychotherapists and other service providers in the health system are to be obliged to transfer their treatment data to the servers of the providers of electronic patient records.
No control over the whereabouts of the data
The draft explicitly obliges doctors and psychotherapists to transmit data on HIV infections, mental illnesses and abortions to the ePA. However, in the case of these particularly sensitive data (in contrast to the transmission of other treatment data), there is to be an obligation on the part of the practitioner to point out the patient’s rights to object.
The basic concept of a storage option for digitised documents for patients to enable their various specialists to access previous findings from colleagues easily and promptly, if the patient agrees, may well make sense.
However, contrary to earlier proposals, electronic patient records are not stored on patients’ insurance cards, where they would physically retain control over the whereabouts of their health data. Instead, a system has been introduced in which the ePA is stored on the servers of private IT providers (in a “cloud”) with whom the respective health insurance fund has concluded a contract. In the case of Techniker Krankenkasse and Barmer, the electronic patient records are stored on servers of the IBM company.
The digital infrastructure of the health system, called telematics infrastructure, is operated via the servers of the Bertelsmann subsidiary Arvato.
Vulnerable to data mishaps
Contrary to the assurances of the Ministry of Health and the IT partners that the digital infrastructure is secure, numerous data mishaps have already occurred.
For example, it became known that since the recent introduction of the electronic certificate of incapacity for work, about 116,000 data records had been sent to a single doctor’s practice instead of to the health insurers due to a software error.
In Finland, psychotherapy data was hacked in a cyber attack and patients were partially blackmailed into Bitcoin payments by the cyber criminals.
In Australia, the health data of 9.7 million policyholders of a health insurance company had been published on the darknet by hackers.
Already this year, statutory health insurers are obliged to transfer their billing data, including diagnoses, medication and duration of treatment of their insured persons in pseudonymised form to the Health Research Data Centre. There is no right of objection for insured persons.
Treatment data for research purposes
According to the draft law on the use of health data, treatment data in electronic patient records will soon be made available to universities and companies for evaluation for research purposes via a “Data Access and Coordination Centre for Health Data” that has yet to be created.
A regulation is also being discussed for this, which would allow the pseudonymised transfer of data in principle, as long as the insured person does not actively object to this.
In contrast to the anonymisation of data, however, pseudonymisation is considered more insecure from a data protection point of view, as the person could be reconstructed from the pseudonyms in many cases due to the information contained, such as year of birth, gender and postcode of the patient.
Disclosure of sensitive data only after explicit consent?
It can be argued that the Federal Ministry of Health’s goal of building up the largest possible health databases for evaluation by public and commercial research relies, through the planned opt-out regulations, on immature citizens who will not inform themselves about the risks of the digital transmission of their health and treatment data or who will not actively object to centralised data storage in the cloud out of convenience.
At the same time, the policy emphasises that through the planned opt-out regulation, every insured person would retain the possibility to object to the transmission of their data by doctors and psychotherapists into an electronic patient file.
In order to preserve the previous principles of medical confidentiality, it would be important that the transfer of sensitive treatment data by doctors and psychotherapists remains permitted only after explicit consent by patients.
However, if opt-out regulations were to be enforced politically, patients would still have the opportunity to inform themselves as responsible citizens about the opportunities and risks of the planned transfer of their health data to central databases and to decide whether or not they want to object to the use of their data.
This text first appeared in the Berliner Zeitung under the title “Medicine vs. Digitalisation: What are the dangers of electronic patient records?
*Andreas Heyer works as a psychotherapist with a depth psychology specialisation in his own practice. He grew up in West Germany and lives and works in his adopted home in East Germany.
Note
A Bundestag petition against the opt-out procedure for electronic patient files still needs signatures to reach quorum. It runs until 25 July.
Originally published on Money and More, translations by CHD Europe
Suggest a correction