“E-Health Law” in Germany (2023)

Digitisation has become a political buzzword in Germany, raising particular concerns with regard to the German healthcare system. German politics has long been lagging behind in creating an appropriate framework that balances health benefits versus data protection issues. In this context most recently a new “E-Health-Law” has been implemented in Germany to backbone an “E-Health-Card” and its desired intensified use in the future.


During the last years, the German lawmaker installed the framework of Electronic Health Records within the broader concept of an “Electronic Health Card”, which is the basic setup for the implementation of a nationwide, technically mature telematics infrastructure for interconnecting insurants, doctors, hospitals and health insurance companies. The proceedings in that area serve the goal to create an arrangement of regulations within the German Social Security Code relating to statutory health insurance companies, to enable them to ultimately introduce, foster and maintain the use of information and communication technologies within the public health domain. The most important stakeholders are the German Federal Ministry of Health, which is responsible for the design of the legal framework of the telematics infrastructure and the German Society for Telematics (gematik), the latter being an umbrella organization formed by the most important stakeholders and unions in the German social security and particularly health insurance area. Gematik is responsible for concrete undertakings in elaborating and implementing the telematics infrastructure.

The idea of Electronic Health Records and ePrescriptions in Germany is embedded in the concept of an “Electronic Health Card” (“elektronische Gesundheitskarte”). The legal basis for this card has been set out in the beginning of 2004 within the “Law to modernize the Statutory Health Insurance” (“GKV-Modernisierungsgesetz”). This law seeks to advance the concept of the former “Health Insurance Card” (“Krankenversichertenkarte”), and adapt its rules to the modern information society as well as establish a telematics infrastructure in the public health domain.

“E-Health Law”

In mid-January 2015 the highly anticipated bill on the so-called “E-Health Law” (Statute for Secure Digital Communication and Applications in the Health Sector) was presented, triggering a debate on digitisation, data protection and health in Germany. The various reactions to the draft bill were largely critical, mainly for insufficiently protecting medical data and for patients not having access to their data. For instance, the Privacy Commissioner of Schleswig-Holstein criticized the draft law on e-health for insufficient protection of medical data. Although some aspects of the draft law were welcomed, such as the launch of telematics infrastructure and the “Electronic Health Card”, the Privacy Commissioner held that the draft did not go far enough to protect individuals’ medical data and prevent the growing trend towards the “transparent patient”. In an attempt to act upon the critics changes were made to the draft bill. However, the amendments made little change to the basic approach and structure of the bill.

On 4th December 2015 the German Federal Parliament (Bundestag) has approved the new law designed to ensure that the “Electronic Health Card” system is operating by 1st July 2018. According to the German government, the Act has different objectives:

  • to assist in the introduction of beneficial applications of the “Electronic Health Card”
  • to establish the telematics infrastructure with its security features as the main infrastructure for secure communication within the healthcare system
  • to improve the structures of gematik and to widen its responsibilities
  • to improve the interoperability of healthcare IT systems and promote telemedicine services.

The key element, the “E-Health Card” (known in other nations as medical smartcards) which allows digital storage and retrieval of patient data, has been plagued in Germany by controversy and delay since it was first proposed in 2002. Access to data on the “Electronic Health Card” for health professionals is generally connected to further requirements, e.g. ensuring they only get access via a health professional ID card secured by electronic signature measures.

“Electronic Health Card”

The applications that go along with the “E-Health Card” will be introduced gradually. In an initial step, administrative data relating to the insured person, such as their name, date of birth, address as well as health insurance data including their personal health insurance number and insurance status (member, affiliated family member or retiree) have been stored. The “E-Health Card” carries a photograph. Exceptions are made only for young persons up to the age of 15 years and insured persons who are unable to co-operate in the taking of a photograph, such as immobile patients in need of long-term care. The photograph should help to avoid the risk of confusion and serves to control the abuse of benefits and services. The back of the “E-Health Card” can be used for the “European health insurance card” and renders treatment and health care possible within Europe.

The next step will be an online comparison of the insured person’s master data that is stored on the “E-Health Card” with the data on the insured person that is actually at the disposal of the health insurance fund. As a result, changes of which the insured person has already informed his/her health insurance fund, such as a change of address, can be automatically updated on the “E-Health Card” at the push of a button at the next doctor’s visit.

The main utility of the “E-Health Card” shall lie in its medical applications that are voluntary for the patient. With patients consent, in future, physicians will be able to retrieve important emergency data directly from the “Electronic Health Card”. Moreover, electronic referral letters and cross-facility electronic health records will be possible. From 2018, important data (e.g. known allergies, implants or previous diseases) may be saved in the new system with patient approval, so that physicians handling emergencies can access it.

Moreover, the bill is intended to input patients' specific medication plans onto the “Electronic Health Card” in order to allow different physicians prescribing additional medicine to access the information, thereby helping to avoid critical interactions between medicines. From October 2016, a patient on at least three different prescribed medicines will have the right for his or her personal medication plan to be included on the “Electronic Health Card” for physicians and health insurers to access. In the long term, the government intends to include medication plans for all other patients on the cards.

This means, that every insured person will decide for him/herself whether and to what degree they wish to make use of the possibilities offered by the “Electronic Health Card” for storing medical data. He/she will also decide whether, and to which degree, use is to be made of an application such as the emergency data, whether the card is to be used to document his/her willingness to donate organs, or whether the electronic patient record is used at a later stage. Furthermore, patients will have access to their data and be able to print them or have them deleted. As was the case with the previous card, only the insured person’s administrative data is to be mandatorily stored on the “Electronic Health Card”.

Data protection issues

A lot of important personal health data will be saved on the “Electronic Health Card” or used for digital networking. As a result, the bill aims to clarify data access rights concerning the cards. Access to data must be recorded and insurers are obliged to inform patients about data saved. According to the bill, patients will be responsible for their own data and will be able to decide what will be saved and who can access it.

The Federal Ministry of Health has highlighted that the safety level of the underlying telematics infrastructure is already higher than that for bank cards and major emphasis was being placed on data protection which is guaranteed by both statutory and technical means. The transmission of sensitive medical information does not take place through the internet but via a secure health network set up for this specific purpose. Medical data is encoded even before it leaves the doctor’s practice. In the process, two safety precautions are in use simultaneously. Just like with a bank card, the insured patient determines who has access to the data by inserting his/her card into the card reader and entering a PIN code. However, a second safety precaution then comes into play, so called “two key principle”.

The doctor in question requires his/her health professional identification card to obtain final access. Only in an emergency situation can a doctor gain direct access to the emergency data with the use of his/her medical professional identification card, without the patient entering the PIN code.


Even if there is by now a general agreement in Germany among health care practitioners that “E-Health” is absolutely essential for dealing with the major future challenges of the German health sector: a shortage of doctors (especially in rural areas), the demographic change with an ever-aging population, and increased cost-pressure in the healthcare business, Germany is lagging behind in “E-Health” matters, especially in comparison to Nordic countries like Denmark, Iceland and Norway. According to a study by the European Commission, a comprehensive data-exchange in Germany’s health sector in most cases fails at the outset because of the lack of IT-infrastructure in hospitals and little interconnection to other regional and national health institutions.

In the area of “E-Health”, which broadly encompasses health care practices supported by communication and information technologies, the enduring battle between innovative business ideas and traditionally strong German consumer protectionists has been particularly polarised. Germany is now gradually also beginning to come round to realising the potential of digitalisation in the healthcare industry, yet there are still many issues to be resolved. Whilst supporters dream of a fast “data autobahn” with numerous benefits for patients and service providers, the major issue of data security in particular remains a topic for critics. Critics especially point to the need to clarify how to ensure that the IT service providers involved also adhere to the data protection regulations – an issue which ultimately relates to the safety of health-related apps such as those available for smartphones or fitness applications. Besides, other obstacles must be overcome in developing the legal environment for telemedicine services in Germany, in particular issues relating to professional law for the German legal profession, e.g. the professional-law ban on remote treatment.

It remains to be seen what changes in legislation will result from the further discussions after the approval of the “E-Health Act” in Germany.

If you have any questions on this article or would like to propose a subject to be addressed by Synapse please contact us.


“E-Health Law” in Germany? ›

The goal of Germany's new electronic health law is the creation of an electronic health card for every person in the country by 2018. The card will include health information that doctors, hospitals, and pharmacies across the country can access with patient consent.

Does Germany have electronic health records? ›

In Germany, patients can choose between different PHR systems (personal health record; German: elektronische Gesundheitsakte, eGA; Social Code §68 SGB V), such as "TK-Safe", "Vivy" or "AOK-Gesundheitsnetzwerk".

What is the healthcare policy in Germany? ›

The statutory health is mandatory for individuals in Germany unless a person makes over 60,750 Euros which allows them to opt-out of SHI and purchase private insurance. Approximately 88% of the population receives primary coverage through the sickness funds and 11% through private insurance.

What is the Germany Patient Data Protection Act? ›

The PDSG applies to all healthcare institutions, including hospitals, doctors, health insurance providers, and pharmacies using services, applications and components of the German healthcare system's telematics infrastructure to process patient information. The size of an organization does not matter.

Is health insurance Mandatory in Germany? ›

In Germany, you are required to take out health insurance. We will give you an overview of the types of health insurance and their services. In Germany, you must take out health insurance as an employee. A distinction is made between statutory and private health insurance.

What is the Digital Supply Act Germany? ›

The Digital Supply Act in Germany

DiGA simplifies how individuals are diagnosed and treated, effectively making healthcare quicker, easier and in many ways more effective.

How are medical devices regulated in Germany? ›

All Medical Devices must bear the CE marking in order to be marketed. Non-EU Manufacturers must appoint an Authorized European Representative. The person responsible for the Medical Device first marketing with its registered office in Germany must notify the local authority responsible for the relevant Federated State.

How is Germany healthcare different from us? ›

The benefits of the German healthcare system are decreased number of prescription dependencies, does not have a 100% socialized single-payer system that most Americans fear, reasonable cost for hospitals and prescription drug co-pays, ability to purchase private insurance, no penalty for switching from public to ...

Why is Germany's healthcare so good? ›

The German public health care system is based on the principle of solidarity. All people insured by a public health insurer receive the same medical care regardless of their financial status. This is achieved through an income-based common fund where everyone contributes to.

Why is Germany's healthcare free? ›

In Germany, healthcare is funded by statutory contributions, which therefore entitles German citizens to free healthcare (Gesetzliche Krankenversicherung). In addition to this, you can also take out private health insurance (Private Krankenversicherung) to replace or top-up the cover that's offered by the state.

Is Germany under GDPR? ›

Germany has both a federal data protection authority as well as 16 state data protection authorities, all of which are being maintained under the GDPR.

What is GDPR compliance in Germany? ›

The GDPR aims to: Minimize the personal data collected by data controllers. Ensure that the data is protected by design during processing and storage — whether by the data controllers themselves or by their designated data processors. Give data subjects more visibility into and control over their personal data.

What is Article 22 of the General Data Protection Regulation Germany? ›

Automated individual decision-making, including profiling. 1. The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

What happens in Germany if you don't have health insurance? ›

Yes, in Germany you will be treated even if you go to the doctor without health insurance – at least in serious or even life-threatening cases or if you are in severe pain. However, if you want to see your family doctor for less serious illnesses, for example, you will have to pay the costs yourself.

Which insurances are required by law in Germany? ›

Car insurance (Kfz-Versicherung)

If you drive a vehicle in Germany, it must be insured. There are two types of car insurance: Vollkasko and Teilkasko. Vollkasko insurance covers the damage to your car and to other cars, even if the accident is your fault.

What happens if you don't pay a medical bill in Germany? ›

If you still do not pay, you will usually receive a warning letter or "Mahnung- which costs money. That means now you not only have to pay the bill but also the warning letter fees ("Mahngebühren"). If you do not respond to any of these reminders and warnings, many companies commission a debt collection agency.

What is the supply chain law in Germany 2023? ›

The Supply Chain Due Diligence Act means that from 2023 there will no longer be a way around human rights and environmental protection, no matter where in the world Germany-based companies have their production sites. At the same time, the Act is designed in such a way that it will be easy for companies to implement.

What is the German supply chain due diligence Act 2023? ›

As of 1 January 2023, the German Supply Chain Due Diligence Act ( the “Act”) has entered into force. As a result, approximately 700 companies with a presence and more than 3,000 employees in Germany are required to comply with several supply chain due diligence obligations set out in the Act.

What is the new German supply chain law? ›

On January 1, the new German supply chain act came into force, obliging German businesses to identify and account for their impact on human rights – such as forced and child labour, forced evictions, oil pollution and land grabbing – across overseas direct suppliers and, when necessary, also indirect suppliers.

Who regulates medical devices in Germany? ›

The German market for medical devices is regulated by German and EU directives, standards, and safety regulations.

Who approves medical devices in Germany? ›

The BfArM is the largest drug approval authority in Europe.

How are medical devices reimbursed in Germany? ›

The treatment is reimbursed by SHI funds through the G-DRG system. The German DRG, or G-DRG, dictates a flat fee for reimbursement based on the diagnosis for each admitted case. This flat G-DRG fee also includes the costs for drugs and medical devices.

Does Germany have better healthcare than USA? ›

Costs are lower, more services are provided, financial barriers do not exist, and health status as measured by mortality rates is superior. Canadians and Germans have longer life expectancies and lower infant mortality rates than do U.S. residents.

Are Germans happy with their healthcare system? ›

In an OECD wide comparison, German citizens are particularly satisfied with their health care system. 85% express satisfaction, compared to a 71% OECD average, though satisfaction has slightly declined in Germa- ny since 2007, from 87% to 85%.

What country has best healthcare? ›

South Korea tops the list of best healthcare systems in the world. It's been praised for being modern and efficient, with quality, well-equipped medical facilities and highly trained medical professionals. Generally, treatment in South Korea is affordable and readily available.

What are the main health issues in Germany? ›

The leading causes of death in Germany in 2019 were ischaemic heart disease, stroke and lung cancer. Around one in five adults smokes on a daily basis in Germany. While smoking rates have been declining, the growing popularity of e-cigarettes, particularly among young people, is a cause for concern.

Where does Germany rank in health care? ›

Germany's health care system is well-rounded and stable, ranking #3 in the World Index of Healthcare Innovation with an overall score of 59.79, below the Netherlands (#2, 62.99) and above Ireland (#4, 56.67).

Does America have better healthcare than Europe? ›

Despite the highest spending, Americans experience worse health outcomes than their international peers. For example, life expectancy at birth in the U.S. was 78.6 years in 2017 — more than two years lower than the OECD average and five years lower than Switzerland, which has the longest lifespan.

Can Americans get healthcare in Germany? ›

Although most foreigners living in Germany are eligible for state healthcare, some must sign up manually and all residents must have some form of health insurance.

Is healthcare free in Germany for US citizens? ›

Healthcare in Germany is accessible to all residents through public health insurance – this system covers 90% of residents. While non-residents require private insurance coverage to receive medical care. Visitors to Germany usually have to pay for treatment and then claim reimbursement at a later stage.

Are surgeries free in Germany? ›

Yes, all Germans and legal residents of Germany are entitled to free “medically necessary” public healthcare, which is funded by social security contributions. However, citizens must still have either state or private health insurance, covering at least hospital and outpatient medical treatment and pregnancy.

What is the digital age of consent in Germany? ›

Digital age of consent: According to Article 5 of the Law, if a provider relies on consent as lawful basis for the processing of personal data in relation to information society services offered directly to children, only children aged 16 or above are able to provide their own consent.

Is the US a GDPR country? ›

It protects an individual's data by imposing restrictions on how businesses use their clients' data. Also, it ensures that the business uses and protects the provided data in the Union as per the guidelines. Currently, the United States does not have specialized legislation like the GDPR to protect data privacy.

Is the US under GDPR? ›

What is the US equivalent of GDPR? The CCPA (California Consumer Privacy Act) is the US equivalent of GDPR.

Who enforces GDPR in Germany? ›

History of data privacy in Germany

This law established the principles of data protection and set out the rights and responsibilities of data controllers and processors. It also created the Federal Commissioner for Data Protection, responsible for enforcing the law.

Who regulates GDPR in Germany? ›

BfDI (Federal DPA)edit edit source

It is however only in charge of federal government authorities and private telecoms and postal services. Any other private entity and all other authorities in Germany is regulated by the relevant state DPA.

What are the penalties for GDPR in Germany? ›

The GDPR gives supervisory authorities the power to impose fines of up to 4% of a company's annual global turnover or €20 million (whichever is greater) for severe breaches. For a less serious data breach, the maximum fine is 2% of a company's annual global turnover or €10 million (whichever is greater).

What is Section 5 of the German Federal data protection Act? ›

If a private body performs sovereign tasks of the public administration, it shall be a public body as defined in this Act. (5) Public bodies of the Federation shall be regarded as private bodies as defined in this Act if they take part in competition as enterprises governed by public law.

For what does Article 24 of Germany's basic law provide? ›

Article 24 states that the Federal Government may 'transfer sovereign powers to international institutions' and Article 25 states that 'general rules of international law shall be an integral part of federal law'.

What is Article 44 of the General Data Protection Regulation? ›

Article 44 of the GDPR prohibits the transfer of personal data beyond EU/EEA, unless the recipient country can prove it provides adequate data protection. Descriptions of acceptable proof are detailed in Articles 45 – 49.

Can I see a doctor in Germany without insurance? ›

In Germany, you cannot see a doctor without first having health insurance. In fact, it is illegal for German citizens to be uninsured. Therefore, practitioners will ask for upfront payments if a patient is uninsured. This legal requirement also applies to visitors to the country and non-German residents.

Can I go to a hospital without insurance in Germany? ›

Anyone can access emergency treatment in Germany, but if you don't have insurance, you will need to pay for the hospital costs yourself.

How much does a doctor visit cost without insurance in Germany? ›

In Germany, the average cost of an uninsured consultation with a doctor ranges from €30 to €100 or more, depending on the type of doctor and the location of the medical facility. A visit to a general practitioner is usually less expensive than a visit to a specialist.

Is it illegal to live in Germany without health insurance? ›

In Germany, you are required to take out health insurance. We will give you an overview of the types of health insurance and their services. In Germany, you must take out health insurance as an employee. A distinction is made between statutory and private health insurance.

Can you live in Germany without insurance? ›

It is mandatory by law for all residents and visitors in Germany to have some sort of healthcare cover, whether that's statutory public healthcare, private healthcare, or some other valid form for short-term visitors. You must have health insurance in Germany, no matter whether you are unemployed or employed.

How does health insurance work in Germany? ›

Your health insurance costs a percentage of your income. Your employer pays half of it. The base cost is 14.6% of your income. This costs the same with every public health insurer.

Is health Care Mandatory in Germany? ›

Health insurance in Germany is obligatory for all German citizens and international tourists and expats. Here's how the German health insurance system works, the types of insurance you need to choose when travelling to Germany and how to get insured.

Do you have to pay for an ambulance in Germany? ›

Ambulance. If a doctor says you need immediate treatment - i.e. in emergencies - transport to hospital is free. Usually you pay 10% of transport costs, from a minimum of €5, up to a maximum of €10, but not more than the actual cost. This fee is not reimbursed.

How much does it cost to go to hospital in Germany? ›

Each hospital case cost 5,088 euros on average in 2019 - German Federal Statistical Office.

Which countries use EMR? ›

In the Netherlands, some 99 percent of primary care physicians used electronic medical records (EMR) as of 2019.
CharacteristicShare of primary care physicians
United States91%
7 more rows
Jun 14, 2022

Is HIPAA used in Europe? ›

European health care service providers will generally not be affected by HIPAA obligations if they are not active on the U.S. market.

What is health certificate in Germany? ›

Basic information. Any person who commercially produces, handles, sells or otherwise markets foodstuffs or comes into contact with foodstuffs requires a certificate from the public health department in accordance with Section 43 of the Infection Protection Act.

What is the German agency for medical devices? ›

The Federal Institute for Drugs and Medical Devices (Bundesinstitut für Arzneimittel und Medizinprodukte, BfArM ) is an independent federal higher authority within the portfolio of the Federal Ministry of Health.

Who is world's largest EMR? ›

Looking at the entire EHR market the three largest players based on revenue according to Signify Research's “EMR-EHR in Acute and Ambulatory Applications – World – 2019” are Cerner, Epic, and Allscripts.

What are the EHR systems in Europe? ›

Who are the prominent EHR solution providers in Europe? Leading electronic health record solution providers are Epic Systems Corporation, Cerner Corporation, Allscripts Healthcare, LLC, and InterSystems Corporation.

Which country has best digital health system? ›

Digital Health Index
Rank 1Country Estonia (EST)Index 81.92
Rank 2Country Canada (CAN)Index 74.73
Rank 3Country Denmark (DNK)Index 72.47
Rank 4Country Israel (ISR)Index 72.45
14 more rows

What is the EU equivalent of HIPAA? ›

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).

Do HIPAA laws apply outside of the US? ›

While HIPAA is not overtly extraterritorial, meaning it is not written to apply outside, it is written to protect the data of US citizens no matter where those citizens are in the world. So, to use another legal term, it is the de facto case that HIPAA applies outside the US.

Is GDPR better than HIPAA? ›

HIPAA is focused on healthcare organizations and how personal health information is used in the US. GDPR, on the other hand, is a broader legislation that supervises any organization handling personally identifiable information of an EU or UK citizen.

What is public health called in Germany? ›

Public vs. Private German Health Insurance. There are two main providers of health insurance in Germany: public or “statutory” health insurance (Gesetzliche Krankenversicherung) and private health insurance (Private Krankenversicherung).

What is the medical exam called in Germany? ›

A regularly structured degree course in medicine takes six years and three months and is completed by a state exam (Staatsexamen), with which one obtains a license to practice as a physician (approbation). Medical education is provided in the German language only.

What is German certification? ›

The Goethe-Institut certificate (Zertifikat) is recognised worldwide as a German language certification, and can be used in Germany for visa, residence permit and citizenship applications, as well as for university entrance requirements.

What is Germany's version of FDA? ›

BfArM - Federal Institute for Drugs and Medical Devices.

Is German medical care good? ›

Germany's health care system is often regarded as one of the best health care systems in the world, offering its population universal health insurance coverage and a comprehensive benefits basket with comparably low cost-sharing requirements.

What is medical license in German? ›

The medical license in Germany is called 'Approbation'. All ,medical doctors, regardless of their field of work and level of expertise, are required to have this license in order to practice medicine in Germany. The Approbation grants the holder permission to practice medicine with an unrestricted professional permit.


Top Articles
Latest Posts
Article information

Author: Foster Heidenreich CPA

Last Updated: 09/27/2023

Views: 5991

Rating: 4.6 / 5 (56 voted)

Reviews: 95% of readers found this page helpful

Author information

Name: Foster Heidenreich CPA

Birthday: 1995-01-14

Address: 55021 Usha Garden, North Larisa, DE 19209

Phone: +6812240846623

Job: Corporate Healthcare Strategist

Hobby: Singing, Listening to music, Rafting, LARPing, Gardening, Quilting, Rappelling

Introduction: My name is Foster Heidenreich CPA, I am a delightful, quaint, glorious, quaint, faithful, enchanting, fine person who loves writing and wants to share my knowledge and understanding with you.