Doctor sitting at a computer in a practice laboratory

Electronic Patient File for All (ePA) 

The electronic patient file (ePA) is a central tool for the digitalisation of the healthcare system in Germany. For healthcare providers – such as doctors, psychotherapists, dentists, nursing staff, pharmacies, and others – it opens up new ways of delivering efficient, secure, and cross-sector healthcare as well as documentation. The objective is to sustainably improve insured patient care by structuring and digitally consolidating health data within the relevant treatment context. In general, an ePA is created for all persons with statutory health insurance; however, insured persons can make use of the opt-out procedure and object to the creation of an ePA.

How the ePA works

Pictogram Document protected

Function of the Electronic Patient File

The ePA for all is a digital patient record in which medical documents can be stored, such as doctor's letters, diagnostic reports, medication plans, medication lists, the dental treatment records, and in the future the vaccination records, and other health-related information. Patients can manage their records via an app provided by their health insurance company, view its contents themselves, upload documents, and individually grant access permissions – for example to their doctors practices or psychotherapists, or to care facilities or pharmacies. 

Healthcare providers are granted access the electronic patient file for 90 days by inserting the electronic health card (eGK) and using the institution’s primary system, provided they have been granted access by the patient. This means, for example, that a doctor can only access a patient’s ePA if the patient has visited the practice and inserted their electronic health card into the card reader. Access to the ‘data highway’ of the telematic infrastructure is enabled for healthcare providers via their primary system in combination with a card reader, electronic health professional card (eHBA or eBA), and the security module card for medical institutions (SMC-B). 

The ePA is particularly relevant in the medication process, as current medication data can be viewed and transferred.

The Electronic Patient File within the Telematic Infrastructure (TI)

The ePA is a core application of the telematic infrastructure (TI). While the TI is administered by gematik (national digital health agency), the statutory health insurance company implement the requirements set by gematik for the ePA for all within their individual applications. The telematic infrastructure securely and interoperably connects all stakeholders in the healthcare sector – inpatient and outpatient care, pharmacies, hospitals, care facilities, health insurance companies, and others. 

Connection to the TI is still largely established via connectors and card terminals, which enable access to the ePA through the eGK. Within the telematics infrastructure (TI), the electronic patient file (ePA) serves as the central repository for the documented and standardised exchange of health data between different healthcare providers in the relevant treatment context. 

This data is stored in the ePA.

In the future, a wide range of medically relevant information can be documented and stored in a structured way in the electronic patient file (ePA). This includes, in particular: 

  • Doctor's letters
  • Diagnostic reports
  • Medication plans
  • Dental treatment records
  • Diagnoses Medication lists
  • Laboratory and radiology findings 

The medication plan will be a written summary of all prescription medicines that a patient is taking. Additionally, there will be the option to add self-medication and dietary supplements in order to prevent possible interactions with prescribed medicines. There are also plans to integrate special information such as the maternity record (Mutterpass) or the children's check-up booklet (Kinderuntersuchungsheft) into the ePA in the future. 

The record is completed by authorised healthcare providers, such as physicians or psychotherapists. Insured individuals decide for themselves which documents are to remain permanently in the record, which may be deleted, and who is granted access rights to the ePA in the respective treatment context. This creates an individual, patient-centred documentation of health data, which is available for life and always up to date. However, the electronic patient file is not automatically a complete treatment record.

Difference Between the Electronic Patient File for All and the Healthcare Provider’s Own Medical Record

The electronic patient file for all (ePA for all) should not be confused with the traditional treatment record, which is maintained internally by healthcare provider organisations such as medical or psychotherapy practices or hospitals. The ePA is a personal, patient-managed record that belongs to the insured individual. They decide which information is stored, shared or deleted, and can individually grant access rights either to trusted persons as representatives, or more generally to organisations such as medical practices and clinics. 

In contrast, the healthcare provider’s treatment record is a legally required, complete documentation of their own medical actions in the specific treatment context, which is only accessible to that specific institution. While the ePA promotes cross-sector communication and coordination, the internal record primarily serves to ensure treatment quality, billing, and the legal protection of service provision. Both types of records usefully complement each other, but have different functions, content, and data protection requirements.

Benefits of the Electronic Patient File for All (ePA)

Pictogram networking heart

Advantages for healthcare providers

The ePA for all will offer significant benefits for healthcare providers in the future:

  • Improved information base: Access to health data such as diagnostic reports, doctor’s letters, medication plans, and vaccination records. 
  • Efficiency in healthcare delivery: Reduction of duplicate examinations, accelerated exchange of information, faster decision-making. 
  • Support for medication safety: A unified view of the current medication list enables targeted and lower-risk prescriptions. 
  • Facilitated interprofessional collaboration: General practitioners, specialists, nursing staff, psychotherapists, and other healthcare providers can coordinate treatment via the ePA. 
  • Documented access and legal certainty: All accesses to the record are logged and are transparently traceable. 
  • Efficient entry of health data: Doctors and other authorised parties with an electronic health professional card (eHBA or eBA) and the appropriate professional authorisations can enter relevant information directly into the record through their systems.   
Pictogram Person

Advantages for patients 

With ePA for all, patients retain control over their data. They can decide which information is stored and which institutions are allowed to access it – trusted persons can also be granted access rights. In addition, all treatment documentation is located in one place and is therefore accessible to all treating parties, if desired. 

Further advantages of the electronic patient file for patients include: 

  • Transparency and overview: Insured persons have access to their health data at any time, including medication plans, medical reports, dental treatment records and vaccination records.
  • Mobility and flexibility: Data can be accessed at any time and at any location via the ePA app.
  • Greater safety in the medication process: Up-to-date medication data helps to better identify and avoid risks such as drug interactions.

Practical example of using the electronic patient file for all (ePA)

A practical example from general practice:

A 75-year-old insured patient with multiple serious illnesses visits the practice for follow-up care after a hospital stay. The general practitioner accesses the ePA directly via the TI. There, the doctor finds the hospital discharge letter, current laboratory results, X-ray images and the medication list. 

The doctor updates the record with current blood pressure readings, a long-term ECG and a new referral form for a specialist. The cardiologist, who is consulted afterwards, also receives direct access to these data through the ePA. In this way, the entire treatment context becomes transparent and seamlessly traceable. 

In addition, the patient grants his daughter, as a trusted person, access to the ePA via the app, enabling her to assist in scheduling appointments and medications.

Outlook and current test phase of the ePA for all

The ePA has been gradually introduced since 2021. By 2025, a standard provision for all statutory insured persons is planned – with the option to opt out. Healthcare providers are therefore advised to familiarise themselves early on with the technology, legal framework and integration into existing workflows. 

The test phase prior to the nationwide roll-out of the ePA in 2025 has been used to optimise processes, test interfaces and gather practical experience – with the aim of establishing the electronic patient file as a permanent part of everyday care.

The Electronic Patient File for Privately Insured Persons

In future, those insured under private health insurance (PKV, Private Krankenversicherung) should also benefit from the advantages of the electronic patient file for all. Some private health insurance companies are already offering their policyholders access to an electronic patient file,while others are still working on the technical and organisational implementation. 

The electronic record for privately insured patients is based on the same specifications as the ePA of the statutory health insurers, enabling cross-sector communication among all healthcare providers. Here too, doctor’s letters, medical reports, medication plans, vaccination records and other health data can be stored securely and, if needed, shared with controlled access. Use is also voluntary and based on the consent of the insured persons. 

In future, this will create a unified digital infrastructure that integrates both those with statutory and those with private health insurance – with the aim of networking and improving medical care comprehensively. Some private health insurance providers are already conducting test phases or launching pilot projects to gradually introduce ePA solutions. For healthcare providers, this means that they should also prepare for ePA access in the private insurance context.

Frequently Asked Questions about the Electronic Patient File (ePA)

The ePA is a patient-managed, voluntary record, which healthcare provider organisations may only access with the patients consent. It supplements, but does not replace, the legally required documentation in the practice or hospital record, which must still be maintained internally. 

It is mandatory for healthcare providers to fill the ePA, provided that patients have not objected to the use of the ePA for all by using the opt-out rule. 

With the appropriate consent, healthcare providers gain access to health data, making the medication process safer, avoiding duplicate examinations, and facilitating interprofessional collaboration. In addition, quality of care is improved through up-to-date information in the relevant treatment context. 

Access is provided via the healthcare provider's primary system (PVS or KIS), which is connected to the telematic infrastructure (TI). Currently, to connect to the TI, an institution generally requires a card terminal with a practice or institutional SMC-B card, a connector, and the insured persons electronic health card (eGK). With the development of TI 2.0, all card-specific components will be replaced by digital alternatives. 

Yes, other healthcare providers and organisations such as pharmacies, midwives, paramedics, care institutions, psychotherapists, and others may also be granted access rights to the ePA, with patient consent. Access requires technical connection to the TI with all necessary components for access, such as the primary system, card reader, and eHPC or ePC as well as SMC-B.