Submitted text
The Federal Council is instructed to ensure that the EPD is user-friendly, reduces administration and provides added value for all stakeholders.. In particular, adjustments to the legal basis are required in the following areas:
- The EPD infrastructure is intended to be central basis be used for data storage for patients and data exchange for healthcare professionals in the Swiss healthcare system,
- The EPD infrastructure may be used for interoperable additional services be used. As a priority application, a protected space must be created for healthcare professionals in which they can enter and exchange secure data. Patients are only given access to the data after prior consultation with a specialist*.
- The regulation of the Access rights is to be simplified on the patient side. As a basic setting, all healthcare professionals will have access to the dossier. Patients have the option of excluding service providers (opt-out). If desired, the default setting can also be selected, according to which all healthcare professionals involved in the treatment are to be granted access individually or in groups** (opt-in).
*Example of interoperability: Patients should not be told that they have cancer via a report of the findings that is posted in the EPD. This must be communicated verbally by the healthcare professionals. Therefore, the data can only be entered into the actual EPD after the consultation. The service providers have the need for a protected mailbox that is only accessible to professionals. According to the current law (or rather the interpretation of the FOPH lawyers), it is not permitted to use the EPD infrastructure for this protected “service provider mailbox”.
** in hospitals or group practices it may be useful to grant access rights to groups (e.g. pediatric oncology in Inselspital).
Justification
The goal of the EPD is patient safety and quality optimization in the healthcare system. In addition, digitization should also lead to simplification of administration. However, hurdles in the EPD mean that administration becomes more complicated and the EPD infrastructure may not be used for data exchange, which calls into question the benefits of the EPD and must be corrected.
Statement of the Federal Council of 8.9.21
The Federal Council shares the concerns of the petitioner. In order to increase the benefits and dissemination of the electronic patient dossier (EPD), the following measures were taken within the scope of the Report from August 11, 2021 in fulfillment of the Postulate 18.4328 Wehrli “Electronic patient dossier. What still needs to be done before it can be used across the board?” examined and implemented a large number of measures that meet this objective. The report can be found on the website of the Federal Office of Public Health and on that of Parliament.
On the first point: all healthcare professionals involved in the treatment have access to the patient data, provided the patient has granted them the corresponding access rights. In addition, patients have the option of entering their own data in the EPD and making it available to the healthcare professionals treating them.
Healthcare professionals document the treatment of patients in the hospital or practice information system (HIS or PIS) of the healthcare facility. All data that is subject to medical documentation requirements (medical history) is stored in an HIS/PIS as a primary system. The EPD, on the other hand, is a secondary system through which only treatment-relevant data, a subset of the data in the HIS/PIS, can be retrieved. The EPD can therefore not replace the HIS/PIS.
So that healthcare professionals do not have to store data in both the HIS/PIS and the EPD, a so-called deep integration of the EPD into the HIS/PIS enables automatic transfer of data into the EPD.
On the second point: As stated in the report in fulfillment of Postulate 18.4328 Wehrli, supplementary services such as eMedication are to be promoted.
The EPD places the needs and the right of patients to informational self-determination in the foreground. This means that the patient’s access to all his or her own data in the EPD is of central importance. A weakening of this principle can lead to a loss of patient confidence in the EPD. The technical implementation of this measure in the EPD would be demanding and would lead to additional costs.
It is also the responsibility of the healthcare professional to decide which data is made available in the EPD and when, and can therefore be viewed by the patient. Documents containing sensitive diagnoses for the patient should therefore only be made available in the EPD after verbal discussion with the responsible healthcare professional.
Thirdly, the current access control system allows patients to decide for themselves who has access to their health data. Patients who are not digitally literate can be supported by authorized proxies, such as relatives. With the opt-out outlined in the motion, all healthcare professionals would in fact have access to patient data, provided that patients do not exclude certain healthcare professionals from accessing the EPD.
From the point of view of data protection and also from the point of view of the patient’s informational self-determination, this is not desirable. The opt-in model addressed in the motion corresponds to the current regulation of access rights, according to which the patient can grant access rights individually or in groups. In addition, he or she can authorize the healthcare professionals to pass on their access rights to other healthcare professionals, which means that he or she does not have to authorize each healthcare professional in a hospital department or a network of physicians individually.