In Germany, the public health insurers are in charge of the ePatient record (ePA) app delivery. MobiHealthNews asked Sandra Hoyer, ePA project manager at one of Germany’s main insurers, Techniker Krankenkasse (TK), how the implementation works - and how it has been used so far.
Q. The payers are responsible for providing the national ePA in Germany. How does that work?
At the moment we provide an ePA app. As of 2022, there will also be a non-web-based desktop version. The purely mobile approach currently guarantees us secure access to the ePA because it allows us to install ID systems with the required security standards.
As a health insurance fund in Germany, we have been legally obliged to deliver the ePA by 1 January 2021 and to make it available to the insured. Basic functionalities and infrastructure have been specified by gematik and are mostly predefined.
We implement the ePA via a mobile app that supports Android and iOS. Access to our ePA 'TK-Safe' is via the service app, the TK app. Thus, the ePA is not a separate app. Insured persons do not need several apps, but can access all services via one app. Anyone who clicks on the 'TK-Safe' function in the TK app is taken to their ePA.
As a partner of TK, IBM built the entire backend file system according to gematik specifications. We developed the frontend ourselves - in other words, the app interface that the customer sees.
Q. How have TK policyholders been using the ePA so far?
TK already started two years ago with the electronic health record (eGA) under the name 'TK-Safe' - at that time still on a different legal basis. At the turn of the year, when the transition from eGA to ePA took place, 280,000 of our total of 10.8 million insured were using eGA. These can now switch to the ePA.
90,000 TK customers have been using the ePA since its launch on 1 January 2021.
Q. What are the challenges of setting up the ePA app?
Since insured persons can store their sensitive health data in the electronic patient file, the ePA must be particularly secure. Accordingly, registering for the ePA requires more steps than users are familiar with from commercial apps. One step, for example, is authentication using the identity card. TK uses a Robo-Ident system so that insured persons do not have to go to the customer advisory service and can go through the authentication process completely digitally. In this way, we were able to enable our insured persons to log in to the ePA even during the lockdown and closed customer consultations.
Q. Can the ePA already be used in practice?
Yes, it has been deployed. However, the ePA has been launched as a so-called MVP (Minimum Viable Product). This means that the ePA is initially launched as a basic version and the functions are gradually rolled out. The core benefit of the ePA is the exchange of data between the insured and healthcare providers.
On the side of the service providers, however, secure access must be guaranteed. The connectors with which the service providers are connected to the telematics infrastructure to exchange information with the ePA do not yet have final ePA approval. For this, they must pass a field test.
Only then will the second element will be fulfilled - that doctors are not only technically, but also legally able to commission the data transfer into a patient's ePA. After the field tests, service providers will also be able to fill the ePA in practice from 1 July 2021, and at the latest, into the third to fourth quarter of 2021.
For us, it was enormously important to be able to offer our insured a filled file and many practical functions already at the start of the ePA basic version. That is why we at TK integrated self-management functions such as preventive care and vaccination recommendations, medication schedules and billing data into TK-Safe right from the start. This means that insured persons have many helpful functions in their file, even though they cannot yet share their data with their doctors.
Q. What can Germans do with the health data within their ePA?
The use of the ePA is voluntary. The patient can grant access authorisations for individual practitioners and limit them to one day up to 540 days. The insured can share their documents from their personal area so that doctors may view them. From next year, they will be able to determine which doctor has access to each document.
Q. What lessons learned can you pass on to other countries?
In principle, it is advisable to rely on international standardisation, also with regard to structured data in the ePA in the future. The multitude of proprietary primary systems is a barrier. We can observe that especially on the part of the registered doctors but also for the hospitals to some extent. Most system manufacturers are not intrinsically motivated to provide such required interoperability.
Sandra Hoyer is the project manager responsible for the production and provision of the ePA in the care management of Techniker Krankenkasse (TK).
MobiHealthNews is a HIMSS Media publication.