Telematics infrastructure

Over the last 15 years, and almost entirely unnoticed by the public, a system for secure data transmission within the German health sector has been under development. It bears the somewhat unwieldy name ”telematics infrastructure“ (TI), a compound artificial word made up of the terms telecommunications, information technology and infrastructure. As a vast and highly secured network, it aims to connect all participants within the German health system, i. e. over 170,000 doctors' and dentists' practices, 22,000 pharmacies, 3,000 hospitals as well as therapists, midwives and health insurance companies, in order to exchange patient data of the more than 73 million people with statutory health insurance and soon also 8.7 million people with private health insurance.

Updated 2nd March 2021 — Michael Vorwerg

Participation in the telematics infrastructure (TI) is not voluntary. A number of laws, most recently the ”Pflege­modernisierungs­gesetz“ (German Nursing Care Modernisation Act, DVPMG) of January 2021, have obliged healthcare stakeholders to connect to the TI and to purchase specially developed devices for this purpose. This includes the card terminals into which you insert your health insurance card (eGK) in our practice. The card terminals are connected to a ”eHealth connector“, a sealed internet router that establishes an encrypted connection with the central servers of the TI by a ”Virtual Private Network“ (VPN). The countless computers, card terminals, connectors, data lines and the various central servers make up the infrastructure for those networked applications that are called telematic.

The security requirements are high. A transmission protocol called ”Kommunikation im Medizinwesen“ (communication in Medicine, KIM) has been introduced for a strong end-to-end encryption of your patient data. KIM works similarly to an email programme with mandatory encryption. Anything from a doctor's letter to X-ray images or any other message will be encrypted. To verify the sender and ensure that the message is unaltered, each document is digitally signed before it is sent and the signature is checked by the recipient. Each sender must personally authenticate the process using a ”smart card“. As doctors, we each have our own ”electronic health professional card“ (eHBA) for this purpose.

In future (probably from October 2021), certificates of incapacity for work (Arbeits­unfähigkeits­bescheinigungen or AU-Bescheinigungen) will be sent to your health insurance company exclusively via KIM. The exchange of doctor's letters, findings, X-ray images, laboratory results and other medical data has been voluntary up to now. Other data, however, must be exchanged electronically. Specialist referrals will in future (the introduction is still pending) be stored on your eGK and transported digitally to the target practice instead of on paper. Furthermore, prescriptions for medication (from 2022 on) or for medical aids, physiotherapy or nursing care will be redeemable via a smartphone application in your pharmacy, physiotherapy practice or nursing station.

For authentication, you have your electronic health insurance card (eGK). The functionality of this card has been significantly expanded. So far, it is supposed to tell us your ”master data“ (name, birthday, address, etc.). We need this data to bill your health insurance company. In addition, the eGK now also identifies you to the telematics infrastructure (TI). If you wish, we can store your list of medicines on your eGK so that you have it with you every time you visit the doctor. There is also some storage capacity on your eGK for emergency data, so that important data will be available in case of an emergency. This includes your diagnoses, allergies, medication, blood group, contact details for your doctors and relatives, or the location of documents such as health care proxy, living will and organ donor card. With the ”Pflege­modernisierungs­gesetz“ (Nursing Care Modernisation Act, DVPMG) of January 2021, it was surprisingly decided that the recently created storage capacity will be removed from your eGK. Emergency data and medication lists are to be moved to the TI. New smartphone applications are to be created for this purpose.

A voluntary ”electronic patient file“ (ePA) has already been implemented and can be used in ”test phase“ since the start of 2021. In the near future it should replace the cardboard folder that some patients have at home to keep their medical file in. At your request, your health insurance company will provide you with a smartphone application (with which you can store your diagnoses, medications, examination findings, doctor's letters or data you have collected yourself, such as blood pressure/blood sugar readings, in encrypted form in the telematics infrastructure (TI). With a smartphone you can, for example, scan and upload medical records. In a doctor's practice, including ours of course, documents can be copied directly into your ePA. You alone have control over all your personal medical data. You may save and delete documents or release them to your practitioner using your eGK and a six-digit PIN. You will receive this PIN from your health insurance company.

However, there are also concerns and criticisms regarding privacy and data protection in the TI. Health data is usually stored for many years. If it becomes public, it can be difficult to delete it again. Because the data is stored centrally by a few providers, a malicious attack can lead to the disclosure of sensitive data of millions of insured people. Such data leaks have occurred repeatedly in other countries with electronic patient data, e.g. the US or, most recently, Brazil and Finland. In the worst case this could, for example, lower your credit rating or your chances of getting a new rental flat, for example. As recently as December 2020, security experts from Münster University of Applied Sciences (link to a German website) were able to find about 200 incorrectly configurated eHealth connectors over insufficiant secured internet connections and read out confidential patient data. Card terminals have also already been manipulated by IT experts (link to a German website). There is no 100% security in data networks.

As practical as the electronic patient record may be, it is still running in ”test mode“ throughout 2021. During this time, you can only release your complete ePA to a medical practice. The option to release individual documents is not planned in the first year and will only be possible from 2022. Elementary data protection principles such as ”necessity“ and ”purpose limitation“ would have been disregarded if, for example, a therapist could read one of our psychiatric doctor's letters although you only want to show him an X-ray.

In addition to this data release, the use of your electronic patient record (ePA) requires a ”suitable terminal device“ such as a smartphone or a tablet computer as the various applications for ePA or electronic prescription have to be installed on one. This excludes at least some of our older, impaired or less technically skilled patients. They are particularly limited in the possibilities of their ePA and will not be able to view, individually release or delete documents. Therefore, we see the intended ”patient sovereignty“ as only partially given. But even with a smartphone the usability of the electronic patient record (ePA) can be problematic. Some already existing applications for the administration of the ePA apparently have considerable deficiencies, as recent security checks (link to a German website) could show. So far, not all of these smartphone applications can be recommended without hesitation.

The Federal Commissioner for Data Protection (link to a German website Ulrich Kelber has repeatedly issued warnings to health insurance companies. He does not see the ePA in line with European data protection laws, in particular the ”General Data Protection Regulation“ (GDPR).

Our conclusion

In principle, we welcome digitalisation in the health care system. In our practice, we have been switching from paper-based patient records to fully electronic documentation for several years now. Since 2018, we are equipped with eHealth connector and card terminals and connected to the telematics infrastructure (TI). From our point of view, the TI can be a sensible and secure extension through networking with other medical practices, hospitals, therapists and pharmacies. In this way, findings, doctor's letters, laboratory results or MRI images, but also specialist referrals or prescriptions can be exchanged more easily and quickly. Duplicate examinations or drug interactions can probably be avoided much more effectively with the help of the TI.

The transmission through ”Kommunikation im Medizinwesen“ (KIM) is strongly encrypted and signed. This opens up the possibility for us to also send your doctor's letters and findings electronically to your other practitioners. Although we have been offering email encryption in our practice since 2020 using the free and open source softwareGnu Privacy Guard (GnuPG)“, this has only been received cautiously by our colleagues. Because all medical practices, hospitals and practitioners must be connected to the TI, we now have a uniform, widespread and secured transmission channel.

The storage of your emergency data and medication list on your eGK seems to us to be reasonable and, as far as we know, secure. We do not understand why the memory should be removed again. If you want to use these features, please contact your health insurance company. They will activate the necessary function. Legally, you have a right to this.

However, we currently advise against the use of the voluntary electronic patient record (ePA) during the current ”test phase“ (until 2022) for the reasons mentioned above. Although the ePA as a central storage location for all your health documents can lead to clarity and completeness, but security, privacy and implementation can still be improved.

The development and specification of the components of the telematics infrastructure (TI) is in the hands of the ”Gesellschaft für Telematik“ (gematik GmbH (link to a German website)). This company immediately worked on and improved the security problems that had become known so far. The fact that all specifications are openly accessible improves our trust in the TI. Similar approaches have proven successful in the development of open source software.

If you would like to use the voluntary functions of the TI including the ePA, please contact your health insurance company. Of course, we will (after explaining the risks and obtaining your consent) transfer your documents to your ePA or eGK. If you are still unsure, you can find more information below. We have compiled further details for you by keyword. If you have any more questions, please do not hesitate to contact us.

We intend to keep this page up to date in order to inform you about new developments.

Mandatory features

Some functions of the telematics infrastructure (TI) are required by law and are being (or have already been) introduced.

The ”Versicherten­stammdaten­management“ (master data management, VSDM) is mandatory and was the first feature of the telematics infrastructure (TI). According to the German law book of Social Code (Sozial­gesetz­buch SGB V § 291), your master data must be stored onto your electronic health card (eGK) and in the telematics infrastructure (TI). It includes your name, date of birth, gender and address, as well as your health insurance company and your (permanent) health insurance number. Since January 2019, every time your eGK is read in a card terminal, the data on your card is compared with that in the TI and corrected if necessary. A correction may be necessary if, for example, you have a new address after moving house. We need the master data for billing with your health insurance company.

The ”elektronische Arbeits­unfähigkeits­bescheinigung“ (”electronic certificate of incapacity for work“, eAU) will be introduced in October 2021. In case of illness, you previously received multiple copies of a paper-based certificate. One of these, you had to submit to your employer and send another to your health insurance company. This procedure was changed with the ”Terminservice- und Versorgungsgesetz“ (”Appointment Service and Supply Act“ TSVG) of May 2019 and the »Bürokratie­entlastungs­gesetz III« (”Bureaucracy Relief Act III“) of January 2020. In case of illness, you will ”only“ have to call your employer to report sick. Your doctor will issue an eAU digitally and send it (via KIM) to your health insurance company. At the request of your employer, the health insurance company will provide them with information about the beginning and duration of your illness (but nothing more). From our point of view, this new feature can lead to a considerable simplification for you and for us.

The ”elektronische Überweisung“ (electronic referral) is mandatory and will come, but we do not yet know when it will be introduced. Referrals to doctors will no longer be issued in paper form but stored on your electronic health card (eGK). The targeted doctor will then be able to read the electronic referral with the eGK. Because many patients are referred to us as a specialist practice, we welcome this new feature.

The ”elektronisches Rezept“ or ”eRezept“ (electronic prescription) is mandatory from 2022 and applies to all prescriptions of medicines including narcotics. Using an ”eRezept application“ on your smartphone or tablet computer, you can redeem your prescriptions at a pharmacy. If you do not have a smartphone or do not want to use it, you will receive a paper barcode (”token“) that you present at a pharmacy. This serves as access information for the pharmacy to retrieve the prescription from the telematics infrastructure (TI). With the ”Pflege­modernisierungs­gesetz“ (”Nursing Care Modernisation Act“, DVPMG) of January 2021, an extension to electronic prescriptions was decided. It now includes physiotherapy, ergotherapy, speech therapy, nursing care and medical aids. From our point of view, the new electronic prescription still has to prove itself. So far we have not seen such an ”eRezept smartphone application“, first test runs are to start from July 2021. The advantage of the barcode instead of the ”old prescription“ is not clear to us. This alternative is not envisaged, although pharmacies should still be able to process a paper prescription. The failure of a central server of the TI would result in the loss of your electronic prescription. As a patient, you cannot decide against the storage of your personal data (prescriptions) on a central server.

Voluntary features

Some features of the telematics infrastructure (TI) are voluntary. This means that you can decide for yourself whether you want to use them or not. You must have these features activated by your health insurance company.

The ”elektronische Patientenakte“ (electronic patient record, ePA) is voluntary and has been in ”test phase“ since January 2021. It is intended as a central storage location for your entire medical record. You have to apply for its use with your health insurance company and will then receive an ”ePA application“ for your smartphone or tablet computer, as well as a six-digit PIN for your electronic health card (eGK). Your health insurance company will suggest some commercial providers who offer ”files“ for your ePA. On the servers of this provider, your health data will be stored in encrypted form. Neither the provider nor your health insurance company must have access to your data. To ensure this, the key for your ePA consists of two parts that are stored on different servers called ”Schlüssel­generierungs­dienste“ (key generating services, SGD) and are only put together on your smartphone or in our practice. Only with the complete key your ePA may be opened. One SGD-server is with your record provider, the other with an operator of the ”Gesellschaft für Telematik“ (German association for telematics "gematik GmbH", link to a German website). You have two options to register in your application. Either your smartphone communicates with the NFC chip of your eGK (most modern smartphones can read it) and you enter your PIN. This is considered the most secure option according to the ”Gesellschaft für Telematik“ and the ”Bundesamt für Sicherheit in der Informations­technik“ (Federal Office for Information Security, BSI). Alternatively, you receive an activation code from your health insurance company, which you enter in your app. You are responsible for maintaining the ePA yourself. You can save or delete documents such as findings, doctor's letters or data you have collected yourself (e. g. blood pressure values) with your application. Additionally, we may transfer documents to your ePA, too. According to the ”Patienten­daten­schutz­gesetz“ (Patient Data Protection Act, PDSG), you have the right to do so. You will have to release your ePA to us using either your eGK and PIN or your ePA application. Only after the end of the ”test phase“, probably from January 2022, will you be able to use your application to specify exactly which document you want to release for how many days and for which practitioner. Until then, you can only release the entire ePA. Without the smartphone application, however, you have no possibility to save, view or delete data, and therefore must give your practitioners the order to do so. From our point of view, there is currently scepticism regarding the usability, privacy and data security of the ePA, which is why we still advise against its use.

The ”Notfall­daten­management“ (emergency data management, NFDM) is voluntary. You may have your family doctor or us store emergency data such as diagnoses, medication, allergies, contact details of your relatives and doctors, as well as the location of documents such as living wills, health care proxy and organ donor card onto your electronic health card (eGK). In case of an emergency, an emergency doctor or paramedic can access this data with your eGK and an electronic health professional card (eHBA). Every access to your emergency data is logged on your eGK. At your request, the emergency data can be deleted again. Additional protection with a six-digit PIN is possible, but we do not recommend it. If you do not remember the PIN, then the data on the card cannot be changed or deleted. However, even without your PIN it would be possible to read your data in an emergency. Unlike in a doctor's practice, you do not have the right to have emergency data transferred to your eGK in a hospital. This was not anchored in the ”Patienten­daten­schutz­gesetz“ (Patient Data Protection Act, PDSG). This is difficult for us to understand, as especially in inpatient care, data is generated that should be documented (e. g. information about implants inserted). Nevertheless, in our view, NFDM is a useful new feature that can save lives.

The ”elektronischer Medikations­plan“ (electronic medication list, eMP) is voluntary. If you take at least three different medications, we will draw up a so-called ”bundeseinheitlicher Medikations­plan“ (uniform medication plan, BMP). From now on, it can be stored additionally and voluntarily as an eMP on your electronic health card (eGK). We, as well as other treating doctors, and now also pharmacists, can make entries. In addition to your eGK, you need a six-digit PIN that you receive from your health insurance company. Because the eMP is secured with your PIN, you have control over who can view, change or delete it. In our view, the eMP could become a useful successor to the BMP. Nevertheless, the BMP will remain mandatory for the time being. Duplicating documentation onto the eGK can be helpful if you do not want to carry your medication list with you in paper form. This would be understandable if you have your eMP on your eGK anyway. Because pharmacists can also make entries, non-prescription medicines are also included in the eMP. In our view, this is a sensible extension.

”Digitale Gesundheits­anwendungen“ (digital health applications, DiGA) are ”smartphone applications“ that patients are supposed to use themselves in order to carry out exercises or self-assessments in the context of their illnesses. If the apps have been tested by the German ”Bundes­amt für Arznei­mittel und Medizin­produkte“ (Federal Office for Drugs and Medical Devices, BfArM), they may be called DiGA and prescribed by doctors. You can find a list of approved DiGAs here (in German language). To obtain a DiGA, you need a prescription from us, which you submit to your health insurance company. From there you will then receive an activation code with which you can download and activate the application. According to the ”Pflege­modernisierungs­gesetz« (Nursing Care Modernisation Act, DVPMG) of January 2021, the data from the DiGA should be transferable to the electronic patient record (ePA).

”Digitale Pflege­anwendungen“ (Digital nursing applications, DiPA) are ”smartphone applications“ that nurses may use in patient care. They were introduced with the Pflege­modernisierungs­gesetz (Nursing Care Modernisation Act, DVPMG) of January 2021. The idea is to have these applications help with documention (e. g. for falls, or for balance exercises). The long-term care insurance funds are to cover the costs. The law is not yet in force. Presumably, you will submit a prescription for a DiPA to your health insurance company, similar to the DiGA.

More features are planned. Vaccination cards, maternity cards, ”U-Heft“ (Documentation booklet of examinations for children) and dental bonus booklets are voluntary and will be stored and maintained in your electronic patient record (ePA) from 2022. You can grant your doctor access to the documents for processing. These new features can be useful to remind you of appointments such as for vaccinations or screening examinations. As a neurologist's practice, we will probably have little contact with these new features.

Technical terms

The ”elektronische Gesundheits­karte“ (electronic health card, eGK) has been mandatory since 2015 and is issued to you by your health insurance company. Because it contains a chip it is called a ”smart card“. The chip is used for identification and additionally contains a storage capacity of 58 kBytes for your master data, consent to voluntary features of the TI, electronic prescriptions and electronic emergency data. Your name and photo are printed on the front of the card. In addition, according to the ”Patienten­daten­schutz­gesetz“ (Patient Data Protection Act, PDSG), the eGK allows access to the telematics infrastructure (TI) including the ”electronic patient record“ (ePA). To use these features, however, you must first authenticate with a PIN using one of our card terminals. You will receive your PIN from your health insurance company when you apply for the use of an electronic patient record (ePA). The structure and features of the eGK are described in several specifications (links to a German website) by the gematik GmbH (links to a German website).

The ”elektronischer Heilberufs­ausweis“ (electronic health professional card, eHBA) is a doctor's identity card. All our doctors have an eHBA with which they can authenticate themselves to the telematics infrastructure (TI). It is protected by a PIN. A signature with the eHBA is considered legally binding and is called a Qualified Electronic Signature (QES). Structure and functions of the eHBA are described in the specification of the eHBA (link to a German website) by the gematik GmbH (links to a German website).

The ”Kommunikation im Medizinwesen“ (communication in medicine, KIM) is a technical protocol for the encrypted transmission of data via the telematics infrastructure (TI). KIM works similar to an email programme with mandatory encryption. Each message and document is encrypted before being sent, transported via the TI and decrypted again by the recipient (end-to-end encryption). A messenger service is also planned with the possibility of sending multimedia files. Senders have to identify themselves with a ”elektronischer Heilberufs­ausweis“ (electronic health professional card, eHBA) by means of the so-called Qualified Electronic Signature (QES). This way, transmission history remains transparent and manipulation of messages is prevented. Many TI-services are based on KIM, e. g. the electronic doctor's letter or the ”elektronische Arbeits­unfähigkeits­bescheinigung“ (electronic certificate of incapacity for work, eAU). Registration with a KIM service is obligatory for us according to the ”Termin­service- und Versorgungs­gesetz“ (Appointment Service and Care Act, TSVG) of May 2019. The specification is carried out by the gematik GmbH (link to a German website).

The ”Qualified Electronic Signature“ (QES) was introduced to provide a signature for digital documents. This assures recipients of medical data about the identity of the sender. An electronic health professional card (eHBA) is required for a QES. It is considered a legally binding signature.

The ”eHealth connector“ is a sealed VPN router that connects our practice network with the central servers of the telematics infrastructure (TI). All communication with the TI, signatures and encryption/decryption are provided by the connector. A device card (”gSMC-K“) is installed in each connector, which uniquely identifies the connector to the TI. The specification (link to a German pdf) is carried out by the gematik GmbH (link to a German website).

The ”eHealth card terminals“ are the devices in our practice into which you insert your electronic health card (eGK). The card terminal is equipped with numeric keys to enter your PIN (similar to an ATM) in order to identify yourself to the telematics infrastructure (TI). Each card terminal contains a PIN-protected SMC-B card as an ”institution ID“, which authenticates our practice to the TI. The card terminals are directly connected to the ”eHealth connector“. The specification (link to a German pdf) is carried out by the gematik GmbH (link to a German website).

A ”digital identity“ is a set of electronically available information sufficient to authenticate a person or institution to a computer. This is done at a low security level by entering a username-password combination. But passwords can be stolen. Therefore, if higher security is required, further procedures are necessary. A typical example is ”two-factor authentication“ in online banking, where different devices are used. In the telematics infrastructure (TI), certificates on ”smart cards“ are used to digitally represent connectors, medical practices, insured persons (you) or doctors (us). Your smart card is your electronic health card (eGK), while ours is the electronic health professional card (eHBA). The ”Pflege­modernisierungs­gesetz“ (Nursing Care Modernisation Act, DVPMG) of January 2021 introduced digital identities to ensure, for example, that the person you are talking to during video consultations is who they say they are. You will probably identify yourself from home with a certificate on your smartphone and by entering a PIN.

Telemedicine, a made-up word from ”tele“ (Greek τῆλε = far away) and ”medicine“ stands for medical treatment at a distance. During the coronavirus pandemic, the need for telephone or video consultations became apparent. However, basic principles were already laid down in the »E-Health-Gesetz« (E-Health Act) of May 2015. In the »Pflege­modernisierungs­gesetz“ (Nursing Care Modernisation Act, DVPMG) of January 2021, the emergency medical service (CALL 116117) was granted the option of video conferencing for assistance, especially in more sparsely populated regions. For technical simplification, patients and doctors are to receive digital identities that allow authentication independently of the electronic health card (eGK) or the electronic health professional card (eHBA).

Laws

The ”Gesetz für sichere digitale Kommunikation und Anwendungen im Gesundheits­wesen“ (Secure Digital Communications and Applications in Health Care Act, also called ”E-Health Act“) of May 2015 was passed to introduce ”Digitale Gesundheits­anwendungen“ (Digital health applications, DiGA) and establish the various features of the telematics infrastructure (TI). The declared goal is to improve ”economic efficiency, quality and transparency“. The law contains a fixed timetable for the introduction of emergency data management (NFDM), the electronic medication list (eMP) and protected transmission protocols (later referred to as KIM). The Qualified Electronic Signature QES was established. Telemedical applications such as video consultation were to be facilitated. In addition, the foundations were laid for the further development of the TI and its use by non-medical professions such as therapists or nurses.

The ”Termin­service- und Versorgungs­gesetz“ (Appointment Service and Care Act, TSVG) of May 2019 was introduced for shortening the waiting time for appointments in medical practices. In addition, it obliges the statutory health insurance companies (GKV) to offer electronic patient files (ePA) and access to them via smartphone or tablet computer, even without the electronic health card (eGK). In addition, ”electronic certificate of incapacity for work“ (eAU) may only be sent digitally to the GKV.

The ”Digitale-Versorgung-Gesetz“ (Digital Health Care Act, DVG, also known as ”E-Health Act II“) of December 2019 regulates the introduction of ”Digitale Gesundheits­anwendungen“ (Digital health applications, DiGA). It also obliges pharmacies and hospitals to connect to the telematics infrastructure (TI). The connection of midwives, physiotherapists, nursing and rehabilitation facilities remained voluntary. New standards for digital interfaces were defined to improve data networking in the health sector. The regulations on electronic patient files (ePA) were explicitly excluded and were defined in the ”Patienten­daten­schutz­gesetz“ (Patient Data Protection Act, PDSG, see below).

The ”Patienten­daten­schutz­gesetz“ (Patient Data Protection Act, PDSG) of October 2020 lays the explicit foundations for the use of the electronic patient record (ePA) with regard to its contents and access rights. Patient sovereignty is intended to ensure that patients have a right to the ePA but no obligation, that the ePA is to be managed by the insured person himself/herself, that he/she decides from the outset which data is to be stored, who may access it and whether data is to be deleted again. Accessibility must be ensured. Insured persons should be allowed to release their data for research purposes. Only from 2022 onwards, a ”finely granulated“ authorisation management on document level or categories of documents or categories of medical specialties shall be mandatory. Data security is to be guaranteed by the telematics infrastructure (TI). In addition, the introduction of electronic prescription (”eRezept“) and electronic referral (”eÜberweisung“) is determined. From 2022, it should also be possible to store vaccination cards, maternity cards, ”U-Heft"“ (documentation booklet of examinations for children) or dentist bonus booklets in the ePA. Patients will have full access to their ePA via an application on their smartphone or tablet computer and will also be able to enter their own data (such as blood pressure or blood sugar measurements).

The ”Digitale–Versorgung–und–Pflege–Modernisierungs–Gesetz“ (Digital Nursing Care Modernisation Act, DVPMG) of January 2021 introduces ”Digitale Pflege­anwendungen“ (digital applications for nursing, DiPA). These are ”smartphone applications“ for nurses to help documentation (e. g. falls), trainings/exercises (e. g. balance exercises or memory games) for patients. The nursing care insurance funds are supposed to cover the costs. So-called ”Digitale Gesundheits­anwendungen“ (digital health applications, DiGA; not to be confused with DiPA) are already available. Patients are supposed to use these ”smartphone applications“ themselves to do exercises or self-assessments in the context of their illnesses. According to the new law, their data should be transferable to the electronic patient record (ePA). For this purpose, the DiGA should not only be checked by the ”Bundes­amt für Arznei­mittel und Medizin­produkte“ (Federal Office for Drugs and Medical Devices, BfArM), but also have to carry a ”certificate for information security“. Presumably due to experiences from the corona pandemic, the use of video consultations is to be facilitated. On the one hand, this will allow you to show your symptoms to the emergency medical service (CALL 116117) in a video conference. On the other hand, it offers the possibility to issue ”electronic certificate of incapacity for work“ (AU-Bescheinigungen) after a video consultation. For easier communication in the telematics infrastructure (TI), all participants are to receive a ”digital identity“, which is to be used for identification even without an electronic health card (eGK) or electronic health professional card (eHBA). The emergency data management (NFDM) and the electronic medication list (eMP) are now to be stored in the TI and no longer on the eGK, which will then no longer have its own storage capacity. New ”smartphone applications“ are to be developed for this purpose. An electronic organ donation declaration is also to be introduced with these apps. The electronic prescription (”eRezept“) application will be expanded so that prescriptions for nursing, physiotherapy or medical aids can also be filled. Therefore, other participants in the health care professions, such as nursing services or aid dealers, will also be obliged to connect to the TI. In addition, electronic prescriptions should be redeemable in other countries of the European Union (EU). For this purpose, an ”eHealth contact point“ is to be set up, which will also allow the exchange of health data with doctors in other EU countries.