Overview
- The ePA is live nationwide with records created by default unless patients opt out, and since October 1 all providers must add data, while the Chaos Computer Club warns vulnerabilities persist and Gematik expects a fuller fix next year.
- Patients can change access durations granted to providers, with default windows set at 90 days for practices and 3 days for pharmacies.
- Selective sharing is limited: individual physician letters cannot be hidden from specific providers, except for the medication list; users may block entire institutions or hide documents for everyone but themselves.
- Older medical records are not imported automatically, and patients can upload scans or request insurer digitization of up to ten documents twice within 24 months.
- Incorrect diagnoses can be removed from the patient-controlled ePA view but typically remain in doctors’ records and insurer files, with corrections requiring cooperation or strong evidence and legal challenges being uncommon.