The introduction of the electronic patient record is controversial not only in Germany. In other countries, too, central data storage, the involvement of private companies, high costs, coercion and a lack of transparency have proven to be stumbling blocks.

Since January 1, 2021, the statutory health insurers in Germany have had to be able to offer their insured persons an electronic patient record (ePA). The project remains controversial, not only because of the questionable benefits and high costs, but above all because the regulations made in the "Patient Data Protection Act" are not GDPR-compliant. The Federal Data Protection Commissioner Ulrich Kelber has pointed this out several times and has issued warnings to the 65 health insurers under his supervision that there is a risk of GDPR violations due to "inadequate data control" and an insecure authentication process. Under these circumstances, filling and using the ePA needs to be carefully considered.

Chaos in Austria

A look at other countries shows that there, too, security, data protection and acceptance are not always given. In Austria, for example, in August 2019 there was a report on "chaos after the ELGA start in Vienna" [1], and the medical association even advised against the use of the "electronic health record", as it is called there. Software problems, system crashes and significant delays in printing a QR code on a prescription left many doctors in despair. Patients are automatically included, but can unsubscribe as part of the opt-out solution, which around 300,000 citizens have done so far. In 2018, the Medical Association recommended that patients withdraw from ELGA after the government wanted to release personal data from the file for research. Although this could still be prevented, it highlights the problem that the options for accessing and using data from eFiles can easily be changed in retrospect, including by newly constituted governments.

Estonia - not at all exemplary

As we shall see in a moment, this problem is evident in Estonia, which has always been hailed as a role model. In 2019, ZEIT reported in detail on the digitization of health data there [2]. According to the report, the data are encrypted and stored on a server. Access to this, each with a digit code, is possible via a smartphone app, the chip in the ID card and the electronic doctor's ID. This means that every employee in the medical system can view the health data of every citizen at any time. According to a representative of the Estonian Ministry of Health, the focus is on abuse detection, not on abuse prevention as is the case in Germany. Data from 20 systems are brought together there under state supervision, from the medical history to the X-ray image. All state institutions are connected to a national infrastructure for encrypted data exchange, as are over 50,000 companies and organizations.

According to this report, the system has always been secure so far. In 2017, however, the FAZ had already reported on security gaps with reference to the Financial Times [3]. They were found on the identity card, so that more than every second person could have had their digital identity stolen: "One could have expected it, yes, after all, in the digital world it is only certain that data is never secure. Some hackers will get hold of it, some secret service can get hold of them," says the author laconically. This is not only true for Estonia. Changes in political conditions can also expand the use of centrally state-stored data in every country. The Süddeutsche Zeitung, in turn, reported just three days before the ZEIT article appeared: "From model student to bully. Populist ministers, racist slogans from MPs and attacks on journalists: Estonia, once a model state among young EU members, threatens to drift to the right." [4]

Czech Republic stops EPR

A number of countries, on the other hand, stopped similar projects, in some cases after high investments. For example, the Czech Republic stopped the IZIP electronic patient file operated by a private company as early as 2012 [5]. According to a report by the "Tagesschau", this was due to allegations of corruption, data protection concerns and a lack of patient acceptance [6]. However, the Czech Republic is again involved in the Europe-wide exchange of electronic prescriptions introduced in 2019. By 2021, e-prescriptions and so-called patient briefs are to be exchangeable between 22 EU countries, including Germany, within the framework of electronic cross-border health services [7]. This must also be considered when using (or not using) the EPR.

Little interest in ePA in France

So far, there has been little interest in the innovations in France. "Imagine there is an electronic patient file and nobody uses it," wrote the Bertelsmann Foundation in 2018 (this could also be the case in Germany from 2021, where, by the way, Arvato, the subsidiary of the Bertelsmann Group, operates the telematics infrastructure) [8]. Only a good 500,000 insured persons have chosen to use the voluntary electronic file. Criticism here is directed above all at the central data storage, the individually reviewed collection of PDF documents and the costs, but also at the fact that Microsoft, of all companies, was commissioned by the government as the provider of the technical infrastructure [9].

Breakdowns and a blown budget in England

In studies such as that of the Bertelsmann Foundation, England is often mentioned as a good user of electronic health data. So far, however, this has not gone without breakdowns. In 2006 the medical newspaper reported that the British IT network was over budget [10]. According to this, all primary medical practices, clinics and administrative offices of the National Health Service (NHS) should have been digitally networked since 2003. With investments of over € 34 billion, it was the largest IT project in the world, according to the report. In 2014, however, the NHS prepared another controversial big data project [11]. The patient data of all NHS insured persons was to be stored in a central database as part of "". Allegedly anonymized data then turned out not to be anonymized at all. The NHS also sold hospital records to companies that calculate risks for companies. As in Austria, patients were automatically involved via the opt-out principle. Doctors did not know more about the system than the patients: 80% did not know exactly how and for what purpose the data should be used. As in Germany, doctors were to be penalized if they failed to participate. The project was discontinued in 2016 [12].

Netherlands choose local solution without any compulsion

That would almost have happened in the Netherlands as well. The project with compulsion for doctors and pharmacists, central data storage and automatic patient participation initially failed in 2011 due to resistance from medical self-administration, and eight million data records that had already been created even had to be destroyed. In the meantime, the project has formally passed completely into the hands of the self-administration. The practitioners decide for themselves whether or not to connect to the national data switching center, and patients must first be asked for consent before medical data is made available. The data exchange structure is decentralized, so the flow of data is only possible locally and not across regional boundaries [13].

Danes can check who is accessing data

This is done in a similar way in Denmark. The health care system is divided into five regions, which organize the provision of electronic patient files [14]. As of 2004, all general practitioners were obliged to use such an e-file and digital communication channels. The public health portal is always checked by national and regional administrations and does not release the data for research or even commercial purposes [15]. The Danes are skeptical of the private sector, according to the head of, M. Petersen [16]. It is therefore not surprising that the Danes trust the project to a high degree and use it frequently, and they can also check who has accessed their data. However, a data breach made headlines in July 2016: At that time, two unencrypted CDs containing health data for practically the entire population were delivered incorrectly and ended up at the Chinese Visa Office in Copenhagen instead of at the statistics office [17].

Data leaks everywhere

Speaking of data leaks: In the USA from 2014 to 2017, 363 data leaks affected over 130 million patient records, i.e. 30 million per year. In Norway alone, three million patient files were hacked in 2018 [18]. In Singapore, more than 14,000 records on HIV-positive patients were temporarily available on the Internet in 2019, presumably through a doctor who was in conflict with a high-ranking health official [19]. There have been further cyberattacks on health systems in several countries in recent years, the description of which would go beyond the scope of this article.

Voluntariness, trust and recognizable benefit are decisive

What conclusions can be drawn from looking at other countries? First of all, acceptance and trust by all users of an electronic patient record are important, which can be achieved primarily through voluntariness. A comprehensible benefit and an easy-to-use technology would also be necessary so that burnout phenomena do not occur, as has already happened with American doctors when dealing with it [20]. As useful as digital tools are for individual diseases such as diabetes, there are few studies that could prove the medical benefits of such comprehensive, centralized data collections in the healthcare sector. Instead, progress through e-health and ePA is advertised across the board on numerous websites, mostly operated by private companies. The introduction of the ePA in Germany is currently also being justified with the COVID-19 pandemic. Here, however, well-developed outpatient medicine has been able to avoid the high number of deaths seen so far in neighboring countries. The shortage was less one of electronics than of personnel - keywords: nursing emergency and shortage of doctors.

Second, commercial interests and the private sector should not play a role in the operation of an EPR. A self-administration that could provide digital communication tools, as in the Netherlands, also exists in this country. However, KV-Connect was only rarely used, so the legislator apparently thought that it had to use compulsion here. But if the head of the "Health Innovation Hub" installed by the Ministry of Health can envisage "other private companies for patient files" in addition to the health insurance companies [21], mistrust seems appropriate.

And thirdly, it must be borne in mind that centrally stored data is always prone to breakdowns and misuse. The latter is not only possible through hackers, but also through human errors or targeted action by authorized persons, whose circle can also be expanded at a later date. Any changes in the political situation can also have an unfavorable effect. Decentralized, voluntary, useful and transparent [22] - these should therefore continue to be the requirements if you want to manage health data digitally.

Dr. med. Andreas Meissner

