What is an e-prescription?
Making bank transfers, placing orders or, for example, submitting tax returns – many things in everyday life are now done online. Doctor’s prescriptions will also be a part of this in the near future. From January 2022, “e-prescriptions” will become compulsory throughout Germany. This will once again make life easier for doctors writing prescriptions and for people with statutory health insurance. Protecting the highly sensitive data that will be transmitted electronically in the future is of utmost importance.
Reading Time: .
A definition of e-prescription
Approximately 500 million prescriptions are written every year in the Federal Republic of Germany. Yet the days of the classic prescription on paper are numbered: With the introduction of the electronic prescription (e-prescription), the printed form 16 template’s days are numbered for people with statutory health insurance as early as the middle of 2021. Even though prescriptions will only be available in a digital format in the near future, they will still have the status of a legal document. Plans are in place for privately insured persons to be able to get and fill e-prescriptions in the future. In addition, other prescription forms will be digitized, including prescriptions for narcotics, T-prescriptions (special prescriptions for certain active ingredients), Digital Health Applications Ordinance (DiGA), and green prescriptions. The e-prescription is only one component of the very comprehensive digitization initiative of the German government.
The “telematics infrastructure” (TI) networks all stakeholders in the health care system and ensures the secure exchange of information across sectors and systems. It is a closed network that only registered users (individuals or institutions) with an electronic health professional card and practice ID can access.
The law, which now also allows medical prescriptions to be written and filled online, has been in force since October 20, 2020. Unlike the tried and tested paper-based prescription, e-prescriptions have additional digital applications: These include useful functions such as medication reminders or medication plans with built-in interaction checks. This ensures that there are no undesirable interactions when taking several medicines.
When is the e-prescription coming?
A test phase for writing e-prescriptions has already been underway in a few selected practices in Berlin-Brandenburg since July 1, 2021. It is planned that from October 1, doctors will also be able to write e-prescriptions nationwide, initially on a voluntary basis. The prerequisite for this is that the pharmacy potentially serving the patient is already able to process e-prescriptions. From January 2022, e-prescriptions will be compulsory throughout Germany for prescribing medications requiring a prescription.
How does the e-prescription work?
As with the introduction of most digital processes, the idea behind the e-prescription is to make life easier for everyone involved.
Step 1 – Writing the prescription in the doctor’s office
On the doctor’s side, the prescription is written in their practice, as usual, using prescription software. The e-prescription is then signed using the electronic health professional card and sent off – ideally with only two clicks. Like conventional paper prescriptions, e-prescriptions must also be signed – with a “qualified electronic signature” (QES). The security level of such a QES is very high: doctors and psychotherapists not only have to insert the electronic health professional card (eHBA) into a reader but enter a PIN as well. After being signed, the e-prescription is transmitted in encrypted form to the e-prescription service in the telematics infrastructure. It is available there for up to 100 days after the prescription has been filled. This is the end of the process for the doctor.
Step 2 – From the doctor to the insured person
The insured person can access the e-prescription using a token. He or she then has the choice of either having the electronic prescription displayed digitally in the gematik e-prescription app or having the token printed out as a data matrix code. Instead of printing out a prescription, the insured person can use the digital code in the e-prescription app to electronically check the availability of prescribed medications at up to three (online) pharmacies in advance.
Step 3 – Filling the prescription at a pharmacy
As soon as the availability of a medication is requested, the selected pharmacy is shown all the prescription information needed to check stock levels. The requests can be viewed and answered directly in the ERP system.
After the prescription is filled, a receipt signed by the e-prescription service is issued, which the pharmacy can use to bill the health insurance company.
How secure are e-prescriptions?
E-prescriptions have not yet been made generally compulsory and are still in the test phase. Nevertheless, the digital transmission of highly sensitive and very personal information has already attracted the interest of hackers and cybercriminals. In its Risk Barometer 2021, the Allianz financial services company ranks cyber incidents as the biggest threat to the healthcare sector. Especially since the beginning of the corona pandemic, the German Federal Criminal Police Office (BKA), Interpol, and the German Federal Office for Information Security (BSI) have noted a massive increase in cyber attacks on the sector. In addition to hospitals and laboratories, the systems of warning apps and information and vaccination portals were primarily affected. In modern healthcare, electronic health records, networked diagnosis and treatment systems, as well as telematics infrastructure, digital platforms for information, administration, appointment scheduling, and patient care must be reliably secured. In a worst-case scenario, failures here could endanger human lives.
What you need to know about e-prescriptions
E-prescriptions will make life much easier for doctors and patients and offer a number of benefits that paper-based prescriptions are unable to provide. Electronic prescribing is just one component of the German government’s large-scale initiative to network the German healthcare system. Unfortunately, the electronic transmission of highly sensitive data also attracts the interest of cybercriminals and requires a high level of security for the underlying processes.
Myra Security, a DDoS protection provider qualified by the German Federal Office for Information Security (BSI) that fulfills all 37 performance requirements, provides just that. The company develops and operates highly certified protection solutions to secure digital business processes. As a specialist provider for sensitive and critical infrastructure, we have many years of experience protecting companies and organizations in the healthcare sector and protect, for example, the infrastructure of the Federal Ministry of Health, the National Association of Statutory Health Insurance Physicians (KBV), and the Federal Center for Health Education (BZgA). Customers in these highly regulated areas benefit from certified security and compliance with GDPR, IT-SiG 2.0, BSI-KRITIS, and industry-specific standards.
If you are interested in futher informations, we are willing to send you our whitepaper for free
How IT security creates the basis of trust for e-health solutions
- New digital solutions in healthcare
- Challenges and threats to digital infrastructure
- Highest IT security requirements for e-health solutions