Federal data protection agency: Open warning about electronic patient files

Source: Heise.de added 12th Nov 2020

  • federal-data-protection-agency:-open-warning-about-electronic-patient-files

After a statement on the Patient Data Protection Act in September, in which the Federal Data Protection Commissioner expressed concerns about the electronic patient record (EPR), he has now sent a letter with an open warning about the planned introduction of the EPR. This is to start from January 1st 2021 the 44 millions of legally insured persons from their health insurance companies

In his warning, the Federal Data Protection Agency points out that the insured must have full control over their data. Among other things, they should actually be able to hide data at the start of the EPR and view them at terminals. However, this is only possible with the ePA 2.0, which is due to come in January 2022.

Between the Federal Data Protection Agency and the Ministry of Health As the Medical Tribune reports, the statutory health insurance companies are discussing the problem with the Federal Data Protection Commissioner and the Federal Social Security Office as the supervisory authority. If you do not introduce ePA 1.1 by January 1st, you face sanctions from the Federal Ministry of Health. Penalties can be imposed if the ePA 1.1 specified by the Gematik project company is not introduced.

Even the enthusiastic advocates of the ePA introduction know about data protection Problem. On ePA-Fakten.de it is clear and simple: “Potentially stigmatizing documents do not yet belong in the ePA.” As an example, information about abortions and psychological reports are given there. These documents should only be saved in an EPI if the insured has the opportunity to hide them from a doctor’s visit.

“These documents should only be saved in the EPI if the fine-grained authorization options are in a the next version of the EPR will follow. Until then, the EPR can be used for all “normally confidential” medical information. Doctors and insured persons must be sensitized accordingly and should act accordingly, “according to the EPR information. Clarification possibly only in front of the court From the point of view of data protection officers, this is of course insufficient and a clear violation of the General Data Protection Regulation GDPR. The official warning is an announcement of this position. In the next step, an instruction from the Federal Commissioner for Data Protection to the health insurance companies is conceivable not to introduce ePA 1.1. The health insurers would then have the opportunity to take this instruction to court.

In Germany, five companies or consortia are currently working on electronic patient record systems, which the cash registers in turn have to make available to their insured persons free of charge. These are IBM, X-tention / ICW, Cisco / Team Spirit, Rise and Compugroup Medical. In addition to the data protection problem, the EPI 1.1. Therefore, there is another shortcoming: If you change health insurance and thus possibly the technical provider of the EPR, you cannot take your files with you. This will only be possible with the ePA 2.0.

(mho)

Read the full article at Heise.de

brands: IBM  
media: Heise.de  

Related posts


Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88

Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88

Related Products



Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91