Swisscom Trust Services - Trust Blog

Why broad acceptance of the ePA is so important | Trust Blog

Written by Mario Voge | 1/23/24 8:52 AM

With the digitalization strategy announced in March 2023, the Ministry of Health aims to advance the digitalization of the German healthcare system and care provision further and make it future-proof and competitive in a European comparison. The introduction of the electronic patient file (ePA) and its broad adaptation among all stakeholders in the healthcare and nursing sectors plays a vital role in this. Although the ePA has been available since January 2021, according to a BITKOM study, around 1 percent of Germans have opened an ePA with their health insurance company. Nevertheless, the Ministry of Health has set the goal of 80 percent of people with statutory health insurance having an electronic patient file (ePA) by 2025 and medication prescriptions being sent electronically instead of on paper as standard. However, there are still many unanswered questions and skepticism regarding implementation in the healthcare sector.

This blog article looks at the current challenges in adapting and opportunities for electronic patient records.

The electronic patient record: a brief introduction

The electronic patient record (ePA) is a digital version of the traditional paper-based patient record. Since its launch on 1 January 2021, all people with statutory health insurance in Germany can voluntarily obtain an ePA from their health insurance provider. The EPR contains a patient's relevant medical information, such as diagnoses, medication plans and prescriptions, laboratory results, doctor's letters or referrals, and vaccination and maternity records. In contrast to conventional card-based records, the ePA is available in a digital, cryptographically encrypted space, and patients can upload all medical documents and allow various healthcare organizations, e.g., hospitals, pharmacies, and doctors, to view and access this information. The insured person assumes complete management and control of their health data in the ePA.

Challenges in the acceptance of the ePA

The widespread adoption of the electronic patient file (EPR) by the German population and healthcare stakeholders faces several challenges. According to recent research by mdr and tagesschau, only around 750,000 out of 73 million insured persons use an ePA. What exactly are the reasons for such low acceptance?

Data protection and data security

Regarding data protection and security, all parties still have many questions and doubts. Many patients have concerns about whether sensitive health data, in particular, such as psychotherapeutic treatment or abortions, is sufficiently protected. It is essential that suitable security measures, such as strong encryption, access controls, and regular security checks, are implemented so that the public gains confidence in the ePA.

In addition, data protectionists call for clear rules and regulations on handling, using, and processing health data in the ePA. On the one hand, patients must have complete control over their data and be able to decide which doctor or healthcare organization can access which specific medical documents. On the other hand, insured persons should also be able to object clearly and quickly if sensitive health data is to be forwarded to research institutions, for example. Finally, it is essential that this data is used exclusively for medical purposes and is not misused. There is still a great need to clarify how patients can give differentiated consent for data access to certain doctors.

Technical infrastructure and Interoperability

The successful establishment of the ePA also requires a well-functioning technical infrastructure. This presupposes that the ePA must interact seamlessly with various existing systems in doctors' surgeries, hospitals, and other healthcare facilities. At present, however, these are not sufficiently prepared for the digital storage and transmission of patient data to the ePA, as they do not have the necessary systems and software. With around 150 different practice management systems in Germany, the IT landscape is very heterogeneous, meaning that providers would have to adapt the interfaces to the ePA and install updates for security-related encryption. However, software providers cannot keep up with the volume and the high regulatory requirements in the healthcare sector. Increased investments are expected, and many medical practices are convinced that the costs for these changes are very high and that the actual added value still needs to be apparent.

Bureaucratic hurdles, lack of user-friendliness during registration and accessibility

Furthermore, too many bureaucratic and administrative hurdles make spreading the ePA difficult. There are many regulations and complicated registration processes that patients of different age groups, doctors, health insurers, and healthcare organizations must comply with to set up, use and access the ePA.

Insured persons must register once with their health insurer and apply for an electronic health card with an NFC chip and PIN. The corresponding ePA app can be installed on the smartphone. There are alternative identification and authentication methods, such as presenting an ID card via the health insurance company's customer service center, eID-Ident with the electronic ID card (nPA), or the Postident procedure in post offices. However, gematik's requirements mean that all online identification procedures such as video, auto-ident, or AI-based procedures are no longer permitted. Authentication may vary depending on the health insurance company. Still, insured persons always need a health insurance number and, depending on the procedure, an e-mail address or access to the online area.

Anyone who does not have access to the internet or a smartphone, for example, will only be able to access their own ePA via the doctor's surgery, and there is a risk of being excluded from using it. This accessibility should be urgently considered for broad adaptation, considering that 65% of people over 65 in Germany do not have access to the internet or own a smartphone with the current operating system, which is a prerequisite for the ePA.

In addition, there is disagreement about who should transfer paper-based medical documents to the e-record. Patients may also want older documents in the digital file to gain insight into their medical history or previous illnesses. However, not all data and records can be stored and accessed in the ePA, so patients must scan and upload them themselves. The original plan was for insured persons to be able to instruct their health insurers to do this. Still, the insurers rejected this and saw the responsibility lying to the insured persons and service providers. This complex process would have to be simplified and automated to ensure broad acceptance of the electronic health record by all parties involved.

Opportunities of the electronic patient record for the digitalization of the German healthcare system

Despite the many challenges involved in adoption, the introduction of the electronic patient record (EPR) in Germany opens up a wide range of opportunities for the digitalization of the healthcare system. Some of the most important advantages are listed below:

Centralization and accessibility of health data: The ePA makes it possible to transmit and store health data from different doctors and healthcare facilities centrally and make it accessible to authorized persons. This facilitates the exchange of information, improves collaboration between various healthcare providers, and increases the quality of care.

Increased efficiency and cost savings: Electronic access to patient data can reduce waiting times and avoid duplicate examinations, enabling more efficient use of resources. In addition, reduced paper and printing costs for health documents can significantly reduce hospital and doctor surgery costs.

Patient autonomy and transparency: The ePA gives patients more control over their health data. They can decide who can access their data and what information they want to share. This promotes transparency and enables patients to participate actively in their healthcare.

Improving diagnosis and treatment: A comprehensive and easily accessible patient record can help doctors make more informed diagnoses and offer personalized treatments, as electronic access gives them a more complete and rapid overview of the patient's medical history. This leads to improved treatment quality and reduces the time spent documenting and searching for information.

Research and development: Anonymised health data from the ePA can be used to identify patterns, trends and new treatment methods for medical research purposes. This could drive the development of new drugs and therapies.

A broad partner network of Swisscom Trust Services for healthcare organizations to connect to the ePA

Swisscom Trust Services is an accredited leading trust service provider in Europe to offer qualified electronic signatures and seals by the EU eIDAS Regulation and Swiss ZertES law in the jurisdictions of the EU and Switzerland. The best online identification services (including eID-Ident) on the market are used for the one-off registration of the e-signature, and a pool of numerous authentication solutions (IDPs) is offered as signature approval methods via a broker. Our products are seamlessly integrated and made available for the electronic signing of digital documents via our broad partner network, which offers various software solutions (including PVS, AVS, etc.) for health insurance companies, pharmacies, and other healthcare organizations. In this way, all stakeholders in the digital healthcare system can securely and digitally sign a wide range of documents, such as e-prescriptions, e-referrals, medication plan changes, consents, or diagnostic reports. This leads to considerable cost savings, increases efficiency when exchanging documents via the ePA, and improves the quality of patient care.