(the texts linked in this section are in German only – DeepL may help):
Digitale-Versorgung-Gesetz (“digital healthcare act”, passed in 2019). The law mandates the collection of patient data held by statutory health insurances in a “research data center” for scientific purposes. Data collection was supposed to start october 2022, but so far it has been obstructed by the lack of IT infrastructure on the part of the research data center and law suits by concerned persons and privacy advocats.
Digitalgesetz (“digitisation act”, no draft has been presented yet), content according to the “digitization strategy” of the Federal Ministry of Health and an interview with two (sub-)department heads of the Federal Ministry of Health (in German):
- By the end of 2024, the electronic health record (EHR) is to be set up for all statutorily insured persons (opt-out).
- The e-prescription is to become mandatory on January 1, 2024.
- A medication overview is to be created automatically from the e-prescriptions in the EHR.
- “Assisted telemedicine” is to be able to be offered in pharmacies or “health kiosks” in the future, particularly in underserved regions.
- Disease management programs are to be expanded to include more digitalized programs.
- The Gesellschaft für Telematik (gematik GmbH), which manages the development and operation of the German telematics infrastructure, is to be transformed into a “digital agency” that is wholly owned by the federal government. Physicians’ associations will then no longer be involved there.
- Agreement with the Federal Commissioner for Data Protection (BfDI) and the Federal Office for Information Security (BSI) will also no longer be necessary in the future. Instead, an interdisciplinary committee made up of representatives from BfDI, BSI, medical science and ethics is to “advise” the digital agency on data protection and data security issues.
Gesundheitsdaten-Nutzungsgesetz (“health data use act”, no draft has been presented yet), content according to the “digitization strategy” of the Federal Ministry of Health and an interview with two (sub-)department heads of the Federal Ministry of Health (in German):
- A central data access and coordination body is to provide access to personal health data from various sources (e.g. cancer registries, health insurance data). The different data sources are to be linked by “research pseudonyms”.
- Cross-Länder research projects in the health sector are to be subject to the supervision of only one Land data protection commissioner. (A “Land” (plural: “Länder”) is one of the federate states that make up the Federal Republic of Germany).
- The “researching industry” will also be allowed to submit applications for access to data in the research data centre (that was installed by the “Digitale-Versorgung-Gesetz”, see above).
- Patients are to be able to control data release from the electronic patient record (ePA) in future via the (optional) ePA app. The health data of ePa app users will be automatically transferred to the research data centre (unless one objects). Pseudonymised ePA data are to be automatically retrievable via the research data centre for research purposes.
- what information do we have?
Other EU member state’s legislation?
(italics indicate that the respective section is incomplete and in need of improvement…)