Three people with a tablet and documents

Digital Healthcare Act: the legal framework for the telematics infrastructure

The digital exchange of information in the healthcare sector requires a legal framework to ensure processes are as secure as possible. This page provides an overview of the key laws that form the basis of Germany’s telematics infrastructure and its applications.

The path to the Digital Healthcare Act

The establishment of a telematics infrastructure (TI) for the healthcare sector began on 11 January 2005, when the leading organisations of the German healthcare sector founded gematik – Company for telematics applications of the health card (Gesellschaft für Telematikanwendungen der Gesundheitskarte mbH). The company was given a statutory mandate to introduce an electronic health card (eGK) for insured persons in Germany and to build the necessary infrastructure.

The legal foundation for this was the Act to Modernise Statutory Health Insurance (GKV-Modernisierungsgesetz), adopted on 14 November 2003, whose aim was to reduce contributions to statutory health insurance (GKV) and thereby lower labour costs. The Act to Modernise Statutory Health Insurance amended the Fifth Book of the Social Code (SGB) by adding sections 291 and 291a.

The preparatory work carried out by gematik led to the E-Health Act, which was passed on 21 December 2015. The Act on Secure Digital Communication and Applications in the Healthcare Sector, as it is officially titled, laid the groundwork for the establishment of a secure telematics infrastructure. The E-Health Act established the basis for TI applications such as electronic patient records, electronic medical letters, and medication plans, as well as telemedicine and video consultations. gematik remains responsible for the development of the necessary telematics infrastructure, including binding standards for services, components, and applications.

Legislation Contents
Act to Modernise Statutory Health Insurance (GKV-Modernisierungsgesetz – GMG, in force since 19 November 2003) The GMG was introduced to reduce contributions to statutory health insurance. As a consequence, gematik was established with the statutory mandate to introduce an electronic health card for insured persons and to develop the necessary digital infrastructure.
Act on Secure Digital Communication and Applications in the Healthcare Sector (E-Health Act, in force since 29 December 2015) The E-Health Act provides the legal foundation for TI applications such as electronic patient records, medical correspondence, and medication plans, as well as for telemedicine and video consultations. It sets out a concrete timetable for implementation.
Act to Improve Healthcare Provision through Digitalisation and Innovation (Digital Healthcare Act – DVG, in force since 19 December 2019) The Digital Healthcare Act requires pharmacies and hospitals to connect to the telematics infrastructure to a specified schedule. It also provides targeted incentives to healthcare professionals to join the TI as quickly as possible.
Digital Healthcare and Nursing Care Modernisation Act (DVPMG, in force since 9 June 2021) The DVPMG establishes a legal framework for ongoing digital developments in the healthcare system and prepares the intorduction of digital identities. It also requires service providers not previously connected to join the telematics infrastructure.
Digital Act (DigiG, in force since 26 March 2024) The DigiG makes the electronic patient record (ePA) mandatory for all persons insured under statutory health insurance. The e-prescription (E-Rezept) will become the standard and the options for digital health applications will be expanded, enabling services such as telemedicine.
Health Data Use Act (Gesundheitsdatennutzungsgesetz – GDNG, in force since 26 March 2024) The GDNG establishes the legal basis to ensure that health-specific information can be used more effectively for medical care and research. For the release of data from the electronic patient record (ePA), insured persons have an opt-out option. All transmitted data is pseudonymised.

What changes does the Digital Healthcare Act introduce?

The E-Health Act has already set out a roadmap for when and how the telematics infrastructure (TI) should be introduced. The Digital Healthcare Act (DVG) provides a concrete timeline based on these requirements. The Act to Improve Healthcare Provision through Digitalisation and Innovation, as it is officially called, entered into force on 19 December 2019.

Objectives of the Digital Healthcare Act

The Digital Healthcare Act obliges pharmacies and hospitals to join the telematics infrastructure. In addition, the DVG provides targeted incentives not only for doctors and dentists, but also for midwives and physiotherapists, as well as care and rehabilitation facilities to connect to the TI as quickly as possible.

The advantages of a uniform TI system are clear: Previously, stakeholders in the healthcare sector worked with different hardware and software without standardised interfaces. As a result, data exchange between systems was prone to interruptions and media discontinuities – meaning patient data and other information often had to be re-entered manually. This process was not only time-consuming but also error-prone. The Digital Healthcare Act therefore creates the legal foundation for standardised digital data exchange in the healthcare system.

The next step: Digital Healthcare and Nursing Care Modernisation Act (DVPMG)

The Digital Healthcare and Nursing Care Modernisation Act (DVPMG), which entered into force on 9 June 2021, builds upon the Digital Healthcare Act. It extends the obligation to connect to the telematics infrastructure to all other healthcare providers not yet covered by the DVG. This includes nursing services, providers of therapeutic products such as speech therapists and podiatrists, and suppliers of medical aids such as opticians and hearing aid acousticians.

Objectives of the Digital Healthcare and Nursing Care Modernisation Act (DVPMG)

The Digital Healthcare and Nursing Modernisation Act sets the legal foundation for continued digital progress in the healthcare system. Its provisions cover a broad range of topics. Among other things, the DVPMG regulates that

  • insured persons and healthcare providers receive digital identities to securely authenticate themselves in the future
  • the electronic health card (eGK) serves as proof of insurance for insured persons
  • the electronic medication plan is integrated into the telematics infrastructure as a standalone application
  • data protection and information security for digital health applications are strengthened
  • digital health applications can be prescribed electronically by doctors or psychotherapists
  • access to telemedical services for patients is facilitated
  • insured persons can retrieve their prescriptions at the pharmacy in a personalised manner with proof of identity (e-prescription)

To date, the DVPMG is still in its implementation phase. On the D-Trust pages for the various healthcare professions, you can find out which legal requirements already apply to your professional group.

D-Trust Logo
Dentist and medical practices
Medical and Dental Practices
Photo of a pregnant woman lying on a couch and being examined by a midwife
Midwives
Woman female doctor tablet
Hospitals
Man conversation meeting
Medical insurance companies
Nurse takes care of an old women in bed.
Nursing staff
Physiotherapists
Physiotherapists
Woman Conversation Consultation
Psychotherapists
Woman doctor tablet
Other Healing Professions
Man pharmacy prescription
Pharmacies
Dental laboratory female dental technician
Health trade enterprises

DigiG: the electronic patient record is coming

Doctor sitting at a computer in a practice laboratory

After two decades of preparation, a decisive step forward has finally been taken: The electronic patient record (ePA) for all statutory health insurance holders was introduced on a mandatory basis in 2025. Its implementation is regulated by law: The Act to Accelerate Digitalisation in Healthcare, abbreviated as the Digital Act or DigiG, entered into force on 26 March 2024. What exactly the electronic patient record is and what functions it offers for healthcare professionals and patients is explained in a separate article.

More about the electronic patient record

Objectives of the DigiG

All statutory health insurance holders will receive an electronic patient record (ePA) in 2025. Anyone who does not wish to have an ePA can opt out through an opt-out procedure. The opt-out option is also available for persons with private health insurance, provided their health insurance company offers an electronic patient record.

  • Together with the electronic patient record, insured persons receive a digital medication summary.
  • E-prescriptions are being further developed and established as a mandatory standard.
  • The options for digital health applications are being expanded, enabling, for example, telemedicine.

GDNG: the Health Data Use Act

The telematics infrastructure not only allows for the exchange of medical information, but also its analysis. With the Health Data Use Act (GDNG), which entered into force on 26 March 2024, health data will be made available for research purposes, while ensuring data protection at the highest security level.

Objectives of the GDNG

In order to link patient data from various data sources for research purposes, data from electronic patient records (ePA) To support medical research, data from electronic patient records (ePA) is pseudonymised and shared with the Health Research Data Centre (FDZ), unless patients choose to opt out. The FDZ is currently being established within the Federal Institute for Drugs and Medical Devices (BfArM).

  • Data use must serve the public good, as defined in the GDNG.
  • Researchers may only access health data in pseudonymised form and are required to maintain confidentiality.
  • Anyone who does not wish their data to be used for research can exercise their right to opt out.

Next steps in legislation

The telematics infrastructure continues to evolve under the framework of the German Social Code, Book V (SGB V). One key aim is to extend the use of electronic prescriptions (E-Rezept), paving the way for new digital health applications. A phased rollout is already under way to enable more and more prescriptions for remedies and aids to be issued electronically, with full implementation planned by July 2027.

At the same time, the Federal Institute for Drugs and Medical Devices (BfArM) is assessing telematics infrastructure (TI) applications to ensure they function effectively and to identify any issues that could impact patient care. This includes cases where a TI application does not lead to measurable improvements in health outcomes. The goal is to record and evaluate such findings systematically.

Under Section 334(1) SGB V, BfArM’s remit covers:

  • the electronic patient record (ePA),
  • electronic declarations on organ and tissue donation,
  • advance healthcare directives and powers of attorney
  • medication plans,
  • emergency data management (NFDM),
  • and electronic prescriptions (eVerordnungen).

BfArM shares its findings with gematik, the organisation responsible for developing and maintaining the telematics infrastructure. These insights may inform future legislative updates, and it is expected that the Federal Government will soon be considering new proposals for the digital health infrastructure in Germany.

Frequently asked questions about TI legislation

As healthcare becomes increasingly digital, many processes are changing – and it’s natural that questions arise. Here we answer some of the most common questions about the laws governing Germany’s telematics infrastructure.

The starting point for the telematics infrastructure in the healthcare sector was the GKV Modernisation Act (GKV-Modernisierungsgesetz) in 2003. It was followed in 2015 by the E-Health Act, which laid the groundwork for telematics applications such as electronic patient records, medical letters and medication plans. Four years later came the Digital Healthcare Act (DVG). The Digital Healthcare and Nursing Modernisation Act (DVPMG) of 2021 made participation in the telematics infrastructure mandatory for all healthcare providers. In 2024, the Digital Act will follow, preparing the legal framework for the introduction of the electronic patient record (ePA) for all statutory health insurance holders from January 2025.

Current and forthcoming legislation on the telematics infrastructure focuses on two main aspects. First, it defines the framework for the digital exchange of data and information within the healthcare system. Second, it clearly sets out who is authorised to access the telematics infrastructure – and who is not.

The laws governing the telematics infrastructure provide the legal foundation for establishing and further developing digital healthcare in Germany. Their goal is to enable the secure and user-friendly exchange of data and information, ensuring the highest standards of data protection and information security.