Deutsch (Active: English)


Chaos Computer Club warns of incalculable risks with the electronic health card

After Dirk Drees, the former Chief Executive of gematik, threw in the towel in December 2007 due to technical problems, Peter Bonerz took over the management of the electronic health card project that has fallen increasingly behind schedule.

Even today gematik is producing no more than a theoretical concept for the project. At this year's Cebit exhibition Peter Bonerz had to admit that the planned network infrastructure cannot yet be brought online because the official call for tenders for the public key infrastructure (PKI) of the central backbone server network has still not been completed.

Gematik actually means business about what sounds like an April Fool , said Chaos Computer Club (CCC) spokesman Dirk Engling. Huge amounts of data are going to be amassed without any security architecture being hot-tested so far. A field test of the communication systems could not be performed due to the lack of the underlying call for tenders. Any small software outfit would perform better without a budget of billions.

During past field tests problems emerged according to gematik in accessing the health cards and in operating the new electronic receipt (e-receipt) that has been advertised as the eCard's main application. The field tests originally planned with 100,000 cards have just been called off completely.

At the same time, almost unnoticed by the general public, every citizen will have been assigned an unique number (Patient ID) for the health card. With this identifier every person and his health history can be tracked - even years later. Master data for all citizens, including their health insurance number, will be stored centrally in unencrypted form for use in authentication. Moreover, electronic patient records, which have to date been voluntary, will also be stored centrally, even though the Federal Government still maintains that control of sensitive data remains with every member of health insurance schemes.

In addition, it is apparent from the health card technical documentation made available by the Department of Health that so-called added-value services are planned for introduction at a later date. The immense costs of introduction and running the infrastructure are to be recouped in future by this dubious business model.

It's not acceptable for patient data to be used as a commodity even if this data has been retained voluntarily. For a casualty patient it might be unpleasant to find a special offer for cheap hip replacements in the mail. The Federal Government has so far not explained exactly what these ominous value-added services are to be used for, commented CCC spokesman Dirk Engling. Even the Federal Government's answer to a Free Democrats (FDP) parliamentary question on the electronic health card gave no clarification. [1]

The CCC is warning against the introduction of electronic health cards as the necessary evaluation field tests have not been carried out as scheduled due to poor planning, even though from April onwards the experiment's incalculable risks and knock-on effects will be borne by patients and members of the medical profession. Anyway, data protection is mainly to be guaranteed by medical practices and clinics that will themselves gain no additional benefits from the eCard. On the contrary, doctors and pharmacists are the ones having to pay the costs of the ? 4.5 bn. project. At any rate, the Federal Government is no longer claiming medical benefits for the health card. Furthermore, there is no justification as to why billions are being spent on the project.

Links and additional information