The electronic patient record is a database that will allow a patient’s medical history, treatment data, medication and other health records to be stored on a single electronic health card. This will enable patients and doctors to exchange and access medical data more easily and more safely. This medical communication network will allow patients to pass on their current medication data and other information to their doctor, ensuring they get the right treatment. The aim is to enable better medical care and improve health management for patients and doctors. User-friendliness, data protection and data security are particularly important issues in this regard. People will be allowed to decide for themselves what data should be stored in the file. Doctors will give patients copies of the data that have been generated and patients can then manage the data independently within a storage system such as a USB stick or a data service. The data are always encrypted so that they cannot be read by third parties accessing the storage systems.
Under what circumstances would third parties, such as insurance companies, be allowed to access the data?
Only doctors who have been authorised by the patient may access the encrypted patient records. Third parties authorised by the patient may also access and manage records through the “citizen’s interface”, but the patient always maintain authority over his or her own files. Insurance companies cannot gain access to the data.
Will doctors then be able to take their pick of patients?
This question is misleading, because doctors – at least those approved by the statutory health insurance system (“Kassenärzte”) – have a medical obligation to treat patients. Conversely, patients are free to choose doctors who are prepared to store their medical data on a digital patient record.
These questions were answered by Raik Kuhlisch of the Fraunhofer Institute for Open Communication Systems FOKUS.