E-prescriptions should be easier to redeem online. Currently, insured people have to take a photo of the e-prescription printout and then send this image to their online pharmacy. This is a media disruption. That's why online pharmacies have been calling for another redemption method, the so-called Cardlink, for a long time. But all shareholders of Gematik, which is responsible for the digitalization of the healthcare system, voted against Cardlink on Thursday – except for the Federal Ministry of Health (BMG). Since the BMG holds 51 percent of the voting rights, that was enough for the decision for Cardlink. Pharmacists are shocked.
Advertisement
With Cardlink, insured people can redeem their e-prescriptions using their electronic “health card without a PIN”. To do this, the electronic health card (eGK), like the Gematik e-prescription app, is held on the smartphone. Transaction confirmations via SMS (SMS-Tan) should also be used. Gematik has not yet answered which steps exactly make this possible; the final specifications will be published soon. In principle, the Federal Office for Information Security does not consider SMS-Tan to be state of the art, regardless of the (…) process.
One day Cardlink will also be replaced by the HealthID. This is also intended to enable “secure access to other applications such as the electronic patient file”.
Pharmacists warn against Cardlink
The Federal Association of German Pharmacists Associations (ABDA) sees Cardlink as endangering patient safety. This makes the e-prescription “more vulnerable”. There are already frequent disruptions in e-prescriptions, which are annoying for pharmacists, doctors and patients. “The safe supply of medicines in Germany must not be jeopardized by unsafe smartphone apps,” says ABDA President Gabriele Regina Overwiening. The fact that the BMG “in its self-made decision now also shifts responsibility for the new e-prescription redemption method to the pharmacies” is unacceptable.
The pharmacists are shocked “that the ministry is now using its 51 percent majority in a remarkable vote for the first time to meet the special interests of individual large corporations.” In Overwiening's opinion, the fourth method of redeeming the e-prescription must be “just as secure as redeeming it using eGK, printing out the e-prescription or the secure apps from Gematik or the health insurance companies.”
SMS code not for security?
According to IT security expert Martin Tschirsich, SMS at Cardlink does not serve as a second factor to increase security. Rather, it is intended to record which device was used to redeem a prescription. This is to combat fraud. “The SMS at Cardlink is not intended as a second factor, but rather increases the risk of detection in the spirit of the opportunity theory for negative general prevention. The accesses are logged accordingly extensively. In direct comparison to the analogue redemption method by inserting the health card on site, an improper retrieval of E -Recipes can be better understood,” explains Tschirsich.
According to this assessment, fraud could even be better combated with Cardlink than with filling prescriptions by inserting the health card in a local pharmacy. Simply because Cardlink generates more data.
(mack)