Are Your Data Safe?
Mixed

Are Your Data Safe?

Concerns are growing regarding the level of data protection afforded to sensitive health information within Germany’s electronic patient record system. Louisa Specht-Riemenschneider, the Federal Commissioner for Data Protection, has voiced her concerns, highlighting a need for improvements to the granularity of access controls.

Currently, the system allows patients to manage who can access their data. However, Specht-Riemenschneider stated that the existing functionalities are not sufficiently detailed, falling short of the level of precision envisioned by European regulations concerning the European Health Data Space. She urged those responsible for the system to proactively adopt forthcoming European standards to avoid potentially costly and disruptive technical adjustments later on.

The Commissioner pointed out that initial plans for the German system had included a more document-specific default setting which was subsequently relaxed. She suggested that patients should ideally review and adjust visibility settings within the app prior to each medical appointment.

Specht-Riemenschneider also expressed personal reservations regarding the use of the electronic patient record, stating she is currently undecided and will carefully assess the functionalities offered by her health insurance provider.

Acknowledging the inherent risks associated with any digital system, the Commissioner stressed that complete security cannot be guaranteed. She referenced a recent security vulnerability disclosed in December by the Chaos Computer Club, where unauthorized access to patient data was possible via forged credentials. While measures have subsequently been implemented to mitigate this risk, the potential for misuse remains a concern.