Electronic Health Record Law Elga-G

Original Language Title: Elektronische Gesundheitsakte-Gesetz – ELGA-G

Read the untranslated law here: https://www.global-regulation.com/law/austria/2996958/elektronische-gesundheitsakte-gesetz--elga-g.html

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now for only USD$20 per month, or Get a Day Pass for only USD$4.99.
111. Federal law, a Gesundheitstelematikgesetz 2012 issued with the General Social Insurance Act, the commercial law of social insurance, the farmers social insurance law, the officials-sick and accident insurance law, the gene technology Act and the Penal Code be changed (electronic health record law ELGA-G)

The National Council has decided:

Table of contents



Art. 



Item 1 Gesundheitstelematikgesetz 2012 2 change of the General Social Security Act 3 amendment of the commercial Social Security Act 4 amendment to the farmers Social Insurance Act 5 change of officials-sick and accident insurance Act 6 modification of the genetic engineering law 7 amendment of the Penal Code article 1

Federal Act concerning data security measures when using electronic health data (Gesundheitstelematikgesetz 2012 - GTelG 2012)

Contents § heading 1 section: General provisions 1 subject 2 definitions 2. section: data security for the electronic transmission of health information 3 principles of data security 4 identity 5 role 6 confidentiality 7 integrity 8 IT security concept 3. section: information management 9 organization of the eHealth directory service (eHVD) 10 data of the eHealth directory service 11 monitoring 12 principles of cross-border health care 4. section: electronic health record (ELGA) 13 General provisions to the electronic health record 14 principles of data using 15 principles of the ELGA participation 16 rights of the ELGA participants 16a e-medication 17 ELGA ombuds office

18 checking of the identity of participants-seekers 19Überprüfung of the identity of ELGA health service providers and the ELGA - Ombudsman's Office 20 storage by ELGA Health 21 permission system 22 23-logging system access portal 24 rights to ELGA 5. section: final provisions 25 administrative penal provisions 26 entry into force 27 transitional provisions 28 instruction rights 29 adoption and entry into force of regulations and regulation appropriations 30 references 31 enforcement 1 section

General terms and conditions

Subject

1. (1) subject to this Federal Act is to use (§ 4 Z 8 of the data protection Act 2000 [DSG 2000], Federal Law Gazette I no. 165/1999) of personal electronic health data by health service providers in accordance with § 2 No. 2.

(2) the objectives of this Federal Act are: 1. Federal minimum standards to expand the data security when using electronic health data in the directed and undirected communication and data abuse to prevent (section 2) 2. establishing the necessary information bases for the development and management of e-health and widen (section 3) as well as 3 uniform regulations for non-directional communication of electronic health data, particularly in ELGA (§ 2 No. 6) , with particular reference to the: a) participants / rights (§ 16), such as in particular the self-determination of the ELGA participants, b) verifying the identity of participants-seekers (article 18), c) verification of identity by ELGA health service providers (article 19), d) individual and general permissions (section 21), as well as e) documentation and traceability of the use of ELGA health records (section 22) to create (section 4).

(3) If this federal law contains no specific provisions, other legislation remain unaffected.

Definitions

§ 2. Within the meaning of this Federal Act, "Health information" means 1: personal data pursuant to § 4 Z 1 DSG 2000 on the physical or mental well-being of a people, including in connection with the survey of the causes of this State as well as the provision or supply, diagnose, therapy - or care methods, care, the prescribed or related drugs ("medication data"), therapeutic AIDS, or AIDS, the allocation of health services or the data collected for the insurance of health risks.

2. "health service providers" ("GDA"): contractor or service provider in accordance with § 4 DSG 2000, regularly in a role after in accordance with article 28, paragraph 1 Z 1 adopted Regulation health data in electronic form for the following purposes use: a) medical treatment or care, or b) nursing care or c) allocation of health services or d) insurance of health risks or e) perception of patient/inn/en/right.

3. "IT security concept": sum of all data security measures of a health service provider that are necessary and reasonable within the meaning of § 14 to the protection of personal data, in particular of sensitive data, 2000 DSG.

4. "Registration authority": those places that keep the records pursuant to § 9 para 3 No. 1 or in article 9 paragraph 3 are Nos. 2 and 3.

5. "roll": classification of health service providers according to the type of their task area, their employment, their operational purpose or their services.

6 "Electronic health record" ("ELGA"): an information system that place all legitimate ELGA health service providers (Z 10) and ELGA participants-seekers ELGA health data (No. 9) in electronic form and time-independent (non-directional communication) makes available.

7 "Data store" ("repository"): technical infrastructure that is used by ELGA health data.

8 "electronic references to ELGA health data": ELGA electronic information about the type and location of ELGA-health data.

9 "ELGA health data" means the following personal data that could be essential for further treatment, support or assurance of supply continuity by ELGA participants-seekers and ELGA may be used: a) medical documents including any image data in a standardised form according to § 28 para. 2 No. 1, the health data in accordance with no. 1, with the exception of data concerning only the allocation of health services or health-related insurance services , contain, such as: aa) dismissal letters in accordance with § 24 para 2 of the hospitals - and Spa Institute Act (KAKuG), Federal Law Gazette No. 1/1957, bb) laboratory findings, cc) findings of imaging Diagnostics, as well as dd) other medical findings in structure and format according to § 28 para 2 No. 3 lit. a, b) medication data in accordance with no. 1 concerning prescription and non-prescription medicines ("e medication"), c) advance directives (§ 2 para 1 of the Patientenverfügungs Act, Federal Law Gazette I no. 55/2006), d) precautionary powers (§ 284f of the General Civil Code, DL. (No. 946/1811), e) data from the registers in accordance with sections 73 and 73a of the medical product law (MPG), Federal Law Gazette No. 657/1996, as well as f) patient data in accordance with article 14 paragraph 2 lit. b sublit. i 2011/24/EU of Directive patient rights in cross-border health care ("patient summary"), where secrets pursuant to § 10 para 4 KAKuG, data of this sort when they are used by other health service providers, as well as records of results in accordance with section 71a para 2 of the genetic engineering Act (GTG), Federal Law Gazette No. 510/1994, ELGA health data are by no means.

10 "ELGA health service providers" ("ELGA GDA") are (Z 2) following health service providers: a) members of the medical profession in accordance with section 3 of the medical Act 1998 (ÄrzteG 1998), Federal Law Gazette I no. 169/1998, also in the exercise of the medical profession in the form of a collaboration as a self-employed professional authorized group practice, excluded: aa) doctors and physicians, the tasks of the chef - and control medical service of social security institutions meet, bb) doctors who have to evaluate the fundamentals of insurance conditions as well as from resulting claims , cc) work doctors (article 81 of the ArbeitnehmerInnenschutzgesetzes, BGBl. No. 450/1994), dd) Office doctors and Amtsärztinnen (§ 41 ÄrzteG 1998), ee) doctors involved in determining fitness for military service, as well as ff) medics for schools and Schulärztinnen (§ 66 of the Education Act, Federal Law Gazette No. 472/1986), b) of dental care professionals (§ 5 of the dentists Act [ZÄG], Federal Law Gazette I no. 126/2005), also in the dental profession in the form of a collaboration as a self-employed professional authorized group practice , except: aa) dentist and Dentistinnen (§ 60 ZÄG), bb) official dentist and dentists Office (§ 32 ZÄG), cc) dentists and dentists, the tasks of the chef - and control medical service of social security institutions meet and dd) dentists and dentists, who have to assess the fundamentals of insurance conditions as well as from resulting claims, c) pharmacies pursuant to section 1 of the pharmacy Act, RGBl. No. 5 / 1907, d) hospitals pursuant to section 1 KAKuG, except an independent outpatient (§ 2 para 1 Z 5 KAKuG) in the task pane of the occupational medicine, as well as e) facilities maintenance , whose operation is subject to a reporting, display or permit requirements for federal or State regulations, and regulatory supervision or control.

11.

"ELGA system partner": the State, the Governments and the main Association of Austrian social insurance institutions (hereinafter: Association).

12 "ELGA participants": individuals who meet the participation requirements of section 15 and may be recorded for which therefore electronic references to it ELGA health data (No. 9).

13 "Reference register" ("registry"): a register which is used in the context of ELGA of recording electronic references to ELGA health data (No. 9).

14 "ELGA Ombudsman's Office": that place, which advises ELGA participants in the exercise and enforce their rights in matters of ELGA and in matters of data protection and support as well as supporting ELGA system partner in the further development of the participants / rights and data protection.

15 "Inconsistent places": those points, compared to a general objection in writing by ELGA participants-seekers can be delivered.

2. section

The electronic transmission of health information privacy

Principles of data security

3. (1) this section applies to all forms of electronic communication of health data (directional and non-directional communication) by health service providers (§ 2 No. 2).

(2) section 4 No. 3 to 6 as well as the sections 5 to 7 are on the electronic communication of health data within a health service provider not to apply, if unauthorised third parties can be excluded from access to health data and thus their knowledge through effective and the State of the art data security and control measures.

(3) the admissibility of health data is by means of rollers to depict. Health service providers have to ensure that there is no use of health data outside the permissible roller technically.

(4) health service providers may only then give health data, if 1 the disclosure to a DSG 2000 stated purpose is allowed in section 9 and 2. the identity (§ 4) those individuals, whose health data should be propagated, is assigned to and 3. the identity (§ 4) the health service providers involved in the disclosure is proven and 4 the roles (§ 5) of health service providers involved in the transfer are proven and 5. confidentiality (section 6) the shared health data is guaranteed and 6 to ensure the integrity (section 7) of the provided health data is.

Identity

4. (1) Redistributions of health data is the identity (§ 2 No. 1 of the E-Government Act [E-GovG], Federal Law Gazette I no. 10/2004) to determine those individuals, whose health data should be propagated.

(2) in the case of directional communication also have evidence and examination of the unique identity (§ 2 Z 2 E-GovG) by persons whose health data should be passed, to be carried out.

(3) the patient index according to § 18 May to check the unique identity (§ 2 Z 2 E-GovG) of individuals, whose health data should be passed on, be used also outside of ELGA (section 4).

(4) identification and examination of the unique identity (§ 2 Z 2 E-GovG) by health service providers have 1 by using electronic signatures must be traceable to qualified certificates, as well as sector-specific personal identifier (§ 9 E-GovG) or 2. through electronic matching to the eHealth directory service (section 9) or 3 by electronic matching for the health service provider index to be carried out (article 19).

(5) for reasons of patient/inn/en/security is the unique identity 1 of individuals, whose health data should be propagated, and 2 by health service providers, using the unique electronic identifiers in accordance with § 8 to save E-GovG.

(6) in order to facilitate the identification in the health field (article 9, para. 1 E-GovG) are the § § 14 and 15 E-GovG using the citizen card functionality in the private sector not to apply. Instead, there are the provisions of the E-GovG, which apply for public sector clients, such as in particular the sections 8 to 13 E-GovG, apply by analogy to. This in particular entitled to health service providers, to require the facilities of their data applications with bPK according to § 10 ABS. 2 E-GovG by the master number register authority.

Role

5. (1) identification and examination of the role of health service providers have to be carried out in accordance with § 4 para 4.

(2) the Federal Minister for health has in accordance with article 28, paragraph 1 Z 1 with regulation to determine these roles.

Confidentiality

§ 6 (1) is the confidentiality of the electronic transmission of health data ensuring that either 1 electronic distribution is carried out by health data over networks, which are secured according to the State of the art in network security against unauthorised access, by they at least a) ensuring traffic through cryptographic or structural measures, b) network access only for a closed or distinct users / group and c) provide for the authentication of users , or 2 protocols and procedures are used, a) that causes complete encryption of health data and b) whose cryptographic algorithms in the regulation referred to in article 28, paragraph 1 Z 2 are listed.

(2) in the case of the electronic transmission of health information pursuant to paragraph 1 No. 2 may the information excluded by the encryption neither references to the persons concerned (§ 4 Z 3 DSG 2000), their health information be disclosed, nor contain any authentication data.

(3) it is to ensure that the health data in data stores, demand provided a principal of an operator ("cloud computing"), only then will be stored, if the health data with a procedures corresponding to the current state of the art (para. 1 No. 2) are encrypted.

Integrity

§ 7 (1) identification and verification of the integrity of electronic health data have through the use of advanced or qualified electronic signature according to § 2 No. 3 of the signature law (SigG), Federal Law Gazette I no. 190/1999, to be carried out.

(2) section 1 is not to apply to the electronic transmission of health information between health service providers when do so a network secured according to the State of the art pursuant to § 6 paragraph 1 Z 1 and access to this network in advance known exclusively for healthcare providers is possible.

IT-security concept

§ 8 (1) health service providers have an IT security concept all in accordance with § 14 data security measures taken to document DSG 2000 and the provisions of this Federal Act. That both correctly accessed as the dissemination of the data and the data are not accessible to unauthorized, must be drawn from this documentation.

(2) the legal entity of hospitals as well as the supervisory or regulatory authorities of institutions maintaining, the Austrian Medical Association, the Austrian Chamber of dentists, the midwife Panel, the Austrian Chamber of pharmacists, Austrian Federal Economic Chamber and the Association that standardized forms and fill tools for documentation in accordance with paragraph 1 to the support for those health care providers available, make for them as a registration authority according to § 2 function Z 4.

(3) the documentation referred to in paragraph 1 is to provide this at the request of the Federal Minister of health.

3. section

Information management

Organization of the eHealth directory service (eHVD)

§ 9 (1) the Federal Minister of health has to 1 support of the permissible use of health information in electronic form to operate 2. improvement of information on health-related services, as well as 3 support by planning activities and reporting (section 11) an eHealth directory service (eHVD).

(2) health service providers must be entered by the Registrar in the eHVD.

(3) the registration of the data referred to in article 10, paragraph 1 in the eHVD and whose discharge from the eHVD: 1 current transfer: a) the doctor list according to § 27 ÄrzteG 1998, b) the dentist list pursuant to § 11 ZÄG, c) the midwifery register according to § 42 of the midwifery Act, Federal Law Gazette No. 310/1994, d) the Pharmacy Directory pursuant to § 2 para 4 Z 12 of the Pharmacy Board Act 2001 , Gazette I no. 111/2001, e) the list of clinical psychologists and health psychologist in accordance with section 16 of the psychologist Act, Federal Law Gazette No. 360/1990, f) psychotherapist list pursuant to section 17 of the psychotherapy Act, Federal Law Gazette No. 361/1990, g) the music therapist list pursuant to § 19 of the music therapy Act, Federal Law Gazette I no. 93/2008, as well as h) the Kardiotechnikerliste pursuant to § 19 of the Kardiotechnikergesetzes, BGBl. I no. 96/1998 or 2. due to the electronic message a) a health service provider registered in the eHVD through his own subordinate organizational units , b) the Governors about the in their State or the district administrative authorities which in their district aa) issued, amended and repealed grants for health service providers or bb) otherwise displayed activities of health service providers, c)

the Central Office about the insurers brought together in him, as well as d) the legal entity from health care facilities or 3 by the Federal Minister of health for all other health service providers.

(4) facilitating the message pursuant to par. 3 No. 2 lit. a may only be carried by health service providers who are not natural persons, claim when they save their organizational structure internally and ensure that 1 exists in this organisational structure in the current form, 2. for all health data generated a natural person can be held liable, 3. stored data in the Organization subsequently left their mark can be changed and 4 the time of storing organizational data remains detectable and can be changed also subsequently left their mark.

(5) the registrars have the registration in accordance with the technical and organisational requirements for 1 para 3 and 2 to create the clarification of cases of doubt with regard to the quality of the data.

The eHealth directory service data

§ 10 (1) the following data are included eHVD: 1 name and academic degrees, or label of the health service provider, 2. the designation of the legal entity, if the health service provider is not a natural person, 3. identifiers of the health service provider including the unique electronic identifiers in accordance with § 8 E-GovG, 4. information professional, postal and electronic accessibility of health service provider, 5 the role (s) as well as special powers or properties of the health service provider , 6 unique identifier (OID) and the symbolic identifier, 7 national of health service provider, 8 that this information can be found on information required or the electronic address to which to encrypt health data, 9 indicating an ELGA healthcare provider whether, 10 information on the geographic localization of the health service provider, 11 information on the range of services of the health service provider, 12 the designation of those registration authority according to § 2 Z 4 , which the data have been taken in the eHVD, and, where appropriate, the name of the source of the data as well as 13 eHVD date of recording the data in the as well as the date of the last adjustment.

(2) information about the electronic availability is by way of derogation from paragraph 1 (par. 1 Z 4) and information on para 1 Nos. 8 and 11 only to the extent in the eHVD to record when they are submitted by the Registrar.

(3) the information about special powers or properties referred to in paragraph 1 Z 5 and to paragraph 1 Nos. 6, 9, 10, 12 and 13 are to be completed by the Federal Minister of health.

(4) for the unique electronic identification by health service providers (para 1 No. 3), who are natural persons have registrars sector-specific personal identifier to use. The sector-specific personal identifier not provided by the registrars available, date of birth, gender, as well as the birthplace of the respective health service provider are para 1 the Federal Minister of health in accordance with in addition to the information, if the latter is available and required for identification purposes, to submit.

(5) the unique identifier referred to in paragraph 1 No. 6 (OID and symbolic identifier) is based on ÖNORM A 2642, "information technology - open systems, procedures for the registration of information objects in Austria" by January 1, 2011, to derive from the identifier (OID) of the Federal Ministry of health. You Z 1 to 7, 12 and 13 designated data may be transmitted a where appropriate, system for the procurement and management of Objektidentifikatoren in paragraph 1 by the Federal Minister of health.

(6) the data contained in the eHVD is with the exception of the identifiers and the nationality of the health service provider (para 1 No. 3 and no. 7) and those data which are publicly accessible and - if necessary - also in English to provide excluded due to existing legislation from a publication.

(7) the Federal Minister for health who may transmit Z 1 to 6, 8, 12, and 13 data health service providers or their service providers to the extent of the needs to be assigned to in the eHVD referred to in paragraph 1. The delivery recipient may use the data for purposes in accordance with article 9, paragraph 1 Z 1.

Monitoring

§ 11 (1) the Federal Minister for health can to evaluate the use and the impact of information and communication technologies in the health sector - in accordance with the requirements of the European environment - set up a nationwide reporting system, on the basis of standardized specifications information in particular concerning 1 the availability of technical infrastructure, including the communication infrastructure, 2. the nature and scope of the e-health applications and procedures, and 3. the economic conditions of the e-health allows.

(2) the type and extent of surveys associated can be set due to have role-specific features with varying degrees of detail.

(3) the Federal Minister of health has to submit the report referred to in paragraph 1 to the National Council and is entitled to use the results of this report for the reporting bodies of the European Union or other international organisations.

(4) the health service providers as well as all other sites that have information about the use of information and communication technologies in the health sector, are obliged to furnish the necessary information to create a report referred to in paragraph 1 or to provide the requested documents.

Basics of cross-border health care

§ 12. The Federal Minister of health has to support the continuity of treatment and the patient/inn/en/security across borders and to create the necessary, notably technical basics.

4 section

Electronic health record (ELGA)

General provisions on the electronic health record

13. (1) the use of the electronic health record meets an important public interest in accordance with article 8 paragraph 4 of Directive 95/46/EC on the protection of natural persons in the processing of personal data and on the free movement of data, OJ No. L 281 of 23.11.1995 p. 31. This important public interest in the use of ELGA stems in particular from: 1 an improved, faster availability of medical information, leading diagnostic and therapeutic decisions, as well as the treatment and care to an increase in quality, 2. improving the process and quality of health care services, 3. the expansion of integrated supply and cross-sectoral joint management in public health, 4. maintaining a high-quality , balanced and accessible health care, 5. the strengthening of patient/inn/en/rights, in particular the information and the legal protection in accordance with DSG 2000 on the use of personal data, as well as 6 a contribution to the preservation of the financial balance of the social security system.

(2) ELGA health service providers have to fulfil the purposes referred to in article 14, paragraph 2 the right to save ELGA health data in ELGA and, taking into account the respective professional obligations (E.g. § 49 paragraph 1 ÄrzteG 1998; § 10 pharmacy Regulations 2005, Federal Law Gazette II No. 65/2005) to determine if this federal law nothing else, is set by the exercise of ELGA participants/inside/right pursuant to § 16,.

(3) to ensure the objectives referred to in paragraph 1 are to ELGA at the earliest from the dates referred to in article 27 paragraph 2 to 6 and no later than from the date referred to in § 28 para. 2 No. 4: 1 dismissal letters (§ 2 Z 9 lit. a sub-lit. aa) by hospitals (§ 2 Z 10 lit. d), 2 laboratory findings (§ 2 Z 9 lit. bb a sub-lit.) by members of the medical profession (§ 2 Z 10 lit. a) , unless these specialists/physicians of special disciplines are medical and chemical laboratory Diagnostics or hygiene and microbiology, as well as hospitals (§ 2 Z 10 lit. d) in outpatient treatment, 3. findings of the imaging diagnosis by members of the medical profession (§ 2 Z 10 lit. a), unless these specialists/physicians of the special compartment are radiology, as well as hospitals (§ 2 Z 10 lit. d) during outpatient treatment, 4. medication data (§ 2 No. 9 lit. b) , as far as this trade name or active ingredient relate to, by members of the medical profession (§ 2 Z 10 lit. a) the regulation, 5. medication data (§ 2 Z 9 lit. b), as far as this trade name or active ingredient relate to, through pharmacies (§ 2 Z 10 lit. c) and Selfcare leading doctors at the delivery, 6 more findings (§ 2 Z 9 lit. dd a sub-lit.) according to § 28 para 2 Nos. 3 and 4.

(4) any image data (§ 2 Z 9 lit. a) are only and only in that to save deemed this the ELGA health service providers necessary extent to ELGA.


(5) the ELGA system partners have under consideration of proposed safety requirements ELGA to to provide that the interfacing of ELGA at the ELGA participants-seekers and ELGA health service providers is user - and user-friendly, in particular through easy to use, effective, and for medical criteria optimized search and filter functions, possible.

(6) the ELGA system partners, the ELGA health service providers, where appropriate, represented by the respective legal advocacy, have after respective concern, under observance of the economic justification, as well as the State of the art to set parameters that are essential for the user and user friendliness, together. The relevant and technical questions and parameters are to vote Austria before establishing with the Chamber of Commerce.

(7) a use of ELGA is for reasons that are not caused by the ELGA health service provider in any particular case technically impossible or life or health by the time associated with the search of the ELGA participant the participant on ELGA seriously endangered, undertakes the ELGA health service provider not to ELGA health data by means of ELGA.

Principles of data use

14. (1) use (save and find) by ELGA health data is permitted only if 1 the ELGA participants (§ 15 para 1) in accordance with article 18 clearly identified, 2. the ELGA health service providers or the ELGA Ombudsman in accordance with article 19 clearly identified, and 3. the ELGA health service providers or the ELGA Ombudsman's Office in accordance with section 21 to use the ELGA health data are entitled.

(2) the ELGA health data exposed by ELGA may personal data only 1 for health purposes in accordance with § 9 Z 12 DSG 2000, except for the management of health services, a) the the / the ELGA-participants/in or supervising ELGA health service providers, b) ELGA health service providers, the a/one ELGA participants/in for the treatment or care of an a lit ELGA health service provider according to was assigned to, as well as c) people, the in lit. a and mentioned b ELGA health service provider in which support its activities and in the case of these to instructed were or 2 to the perception of the participants / right pursuant to § 16 of a) ELGA-participants/holding/n, b) whose legal or authorised representative-seekers, as well as c) the ELGA Ombudsman's Office (§ 2 Z 14) be used.

(2a) which is the perception of the participants / right pursuant to § 16 from the age of 14 years (mature minors) only the ELGA participants the ELGA participant to.

(3) on the request, the access and the use by ELGA health data exposed by ELGA is anyway forbidden: 1. persons or institutions, the neither ELGA health service provider (§ 2 Z 10) still ELGA ombuds office (§ 2 Z 14) are, 2. ELGA health service providers in the treatment or care one ELGA participant of ELGA participant involved that if does not meet the requirements of paragraph 1 are ELGA health service providers, 3., 4. the ELGA Ombudsman's Office , if not in the consulting or support ELGA participant of ELGA participant involved in an is, 5. employer-seekers, employer, recruitment consultant-seekers, 6 insurance companies, 7 carriers statutory social security and sickness and accident welfare institution, if they not in the treatment or care one ELGA participant of ELGA participant in accordance with paragraph 2 and 3a are linked, 8 administrative authorities and courts, as well as 9 other natural or legal persons , are entitled under this Federal Act does not expressly, as well as for all purposes intended in this federal law expressly as allowed.

(3a) ELGA health service provider, the employer or employer and are involved in the treatment or care of ELGA participants-seekers, who are their workers or be employed by them, whose ELGA health data may only use if they 1 this ELGA participants have pointed out previously expressly the participants / right pursuant to § 16 and 2. through technical means have made sure that within by ELGA health service providers only to persons on ELGA health data can be accessed , which in the specific treatment or care process of the respective ELGA participant / the respective participant on ELGA are linked.

(4) ELGA health service providers, the ELGA Ombudsman's Office as well as their service providers and employees - workers (service workers) and people in a similar workers (service workers similar) ratio - have ELGA health data that have been entrusted to them due to their professional employment or have become accessible, without prejudice to other statutory confidentiality obligations, to keep secret.

(5) the Federal Minister for health DSG perceives in representation for the ELGA health service providers the reporting obligations pursuant to § 17 2000.

Principles of ELGA-participation

Section 15 (1) ELGA participants are all natural persons, 1 in the patient index according to § 18 covered and thus in any case, those who in the data applications of the Confederation pursuant to § 31 para 4 No. 3 lit. a ASVG or the supplementary register pursuant to section 6 para 4 covered E-GovG and 2. attending ELGA disallow (para. 2).

(2) the participation of ELGA may be revoked at any time generally (opt-out). This is to indicate whether or not this contradiction on all or some types of ELGA-health data (§ 2 Z 9) refer to. This General contradiction can 1 writing across Z emitted 7 to be determined opposition authorities according to § 28 para. 2 or 2. electronically via the access portal (article 23), anyway, but so that the unique identity of the person who does not want to participate in ELGA, as well as the authenticity of the communication can be tested. The contradiction is to confirm. The Federal Minister of health has by Regulation (§ 28 para. 2 No. 7) opposition set to. In particular detailed rules for the exercise of their functions and for the securing of participants / right are to meet.

(3) all existing up to the point of contradiction according to para 2 in the ELGA reference tabs and covered by the opposition references and ELGA health data including medication data are to delete; If deleting due to other legal documentation obligations or § 22 para 5 No. 1 is excluded, the references for ELGA are inaccessible.

(4) General contradictions (opt-out) in accordance with paragraph 2 may be revoked at any time. As long as a valid contradiction, first sentence may be stored no ELGA accessible references to ELGA health data in accordance with article 20, paragraph 2. For times of a valid objection in accordance with paragraph 2 and article 16, paragraph 2, no legal claim to a subsequent recording of references to ELGA health data is no. 2.

Rights of the ELGA participants

(Section 16 (1) ELGA participants have electronically through the access portal (article 23) or in writing to the ELGA Ombudsman's Office (sec. 17) individual access permissions pursuant to article 21, paragraph 3 to set the right 1 to obtain information about the ELGA health data concerning him or her, as well as log data in accordance with article 22, paragraph 2 and 2, by them a) electronic references and ELGA health data including medication data for ELGA health service providers or hide and delete; If deleting due to other legal documentation obligations or § 22 para 5 No. 1 is excluded, the references for ELGA are inaccessible to make, or b) shorten periods for existing permissions according to § 18 paragraph 6 or c) set an ELGA health service providers of special trust with his consent in accordance with section 18, paragraph 7.

(2) ELGA participants have the right 1 compared to treating or supervising ELGA health service providers storing medication data (§ 2 Z 9 lit. b) as well as references to ELGA health data (§ 2 Z 9 lit. a) pursuant to section 20 para 2 first sentence in conjunction with § 13 para 3 and 4 to demand, as well as contradicting 2. recording of electronic references and ELGA health data including individual medication data for a treatment or Betreuungsfall , as long as this is not excluded due to other legal documentation obligations. This right is ELGA participants the ELGA participant especially in ELGA health data, which is a) HIV infection, b) mental illness, c) data in accordance with section 71a para 1 GTG or d) abortions refer to inform.

(3) persons who participate in ELGA pursuant to § 15 para 2 disagree 1 or 2 which them to participants / right exercise,


May this not in the access to medical care even with regard to the expenses borne suffer disadvantages. However, you are responsible, if for this reason an ELGA health service provider despite compliance with its due diligence of a fact major for the treatment or care can become not aware. ELGA health service providers are obliged to ELGA participants-seekers not to demand on the exercise by participants / right.

(4) the ELGA health service providers have para 1 to 3 in the form of an easy to read requirements to inform clearly visible and accessible placement on their premises. The legal representation of interests for health professionals, freelance pursuing their occupation as a health service provider, have to provide the notice within the scope of its transferred effects the respective ELGA health service providers.

(5) the Federal Ministry of health has to publish information about the current state of ELGA and to inform the persons concerned of their rights.

e-medication

section 16a. (1) the Association has in the transferred area of effect as ELGA application until 31 December 2014 to set up an information system on orphan medicinal products prescribed and delivered ("e-medication") and to operate at that time. The information system has ELGA participants-seekers and ELGA health service providers in accordance with § to provide an overview on the for this prescribed ELGA participants/these ELGA participant and dispensed medicines 2 Z 10 in respect of participants / right pursuant to § 16. For this purpose, ELGA health service provider have according to their obligations laid down in this Federal Act which ELGA health data in accordance with § 2 No. 9 lit. (b) in this information system to store, as long as this is not excluded by the exercise of participants / right. The examination of interactions is the responsibility of the ELGA health service provider and is not the subject of the information system.

(2) the operation of the e-medication system may not interfere in the provision of services the treatment or care of ELGA participants-seekers, especially in the therapeutic freedom of doctors and physicians.

(3) is the identification of the ELGA participant the ELGA participant pursuant to § 18 para 4 No. 4, is restricted to use on medication storage.

ELGA ombuds office

Section 17 (1) the ELGA ombuds office (§ 2 Z 14) is the Federal Minister of health by Regulation (§ 28 para. 2 Z 8) to set up. In particular detailed rules for the exercise of the tasks referred to in paragraph 2 and in order to ensure the rights of the ELGA participants are to meet.

(2) the Federal Minister of health has to operate the ELGA Ombudsman's Office. The ELGA Ombudsman's Office is the information, advice and support interested parties in matters relating to ELGA, in particular in the enforcement of participants / right and in matters of data protection. In this sense, the ELGA Ombudsman's Office as the focal point for the has to issue ELGA participants the ELGA participant upon request within two weeks, which are necessary in order to determine the customer responsible for the processing of his/her data in ELGA all information. The staff of the ELGA Ombudsman's Office in the exercise of their activities to the Federal Minister of health in connection with the information, advice and support are free instruction. The requests of the ELGA Ombudsman's Office to ELGA health data shall be recorded. This provision shall be without prejudice to the powers of the data protection Commission.

3. the ELGA ombuds office has to support the ELGA system partner in the further development of the participants and rights and data protection.

(4) persons who are active for the ELGA ombuds office may act in ELGA matters at the request of ELGA participants-seekers for this according to § 5 ABS. 3 afterwards E-GovG. The master numbers register authority shall at the request of the persons working for the ELGA ombuds office in place of the master number, a bPK of / to provide the represented.

Verification of identity by ELGA participants-seekers

Section 18 (1) which has main Association to establish a patient index in the borne area of effect and to operate. Serves: 1 unique identification (§ 2 Z 2 E-GovG) of individuals in the context of ELGA or other eHealth applications, and 2. the localization of reference registers, references to ELGA health data this natural persons located where.

(2) Im Patientenindex sind folgende Daten natürlicher Personen zu verarbeiten:

1.
Namensangaben:

a)
Vorname(n)

b)
Familien- oder Nachname

c)
Geburtsname

d)
akademische Grade

2.
Personenmerkmale:

a)
Geburtsdatum

b)
Geburtsort, soweit verfügbar

c)
Geschlecht

d)
Sterbedatum, soweit verfügbar

e)
Staatsangehörigkeit

3.
Adressdaten

4.
Identitätsdaten:

a)
Sozialversicherungsnummer

b)
lokale Patient/inn/en/kennungen

c)
bPK-GH

d)
über die Z 1 bis 3 hinausgehenden Daten der europäischen Krankenversicherungskarte

e)
sonstige staatliche Identifikatoren.

(3) the data referred to in paragraph 2 are primarily from data applications of the Confederation pursuant to § 31 para 4 No. 3 lit. to determine a ASVG, as well as the supplementary register pursuant to section 6 para 4 E-GovG.

(4) verifying the identity of the ELGA participants (article 14, paragraph 1 Z 1) in electronic form with the participation of the ELGA participant the ELGA participant to be carried out. The identity data stored in the index of patient with the identity data determined in the framework of the identification are to compare. Determining the identity data can by 1 an electronic check of the validity of the e-card and the reading of data of the e-card by means of e-card system (paragraphs 31a ff ASVG) or 2 using of a citizen card (§ 2 Z 10 E GovG) or 3 use identity data of a natural person, clearly identified in accordance with article 4, paragraph 2, which at an ELGA health service provider in accordance with § 2 No. 10 lit. d and e are stored with the IT-security concept in accordance with § 8 to cover the verification of identity of the ELGA participants technically has Z 1 or 4. for the purpose of using the ELGA health data pursuant to § 14 para 2 using data of electronic or otherwise clearly identifiable regulation or allocation (§ 14 para 2 subpara 1 lit. b), unless the identity data in accordance with no. 1 to 3 are determined , be carried out.

(5) in the course of determining the identity data by means of e-card system (paragraphs 31a ff ASVG) is in the same step, but technically the data flows of the parental (sec. 31a ff ASVG) separated, also a possible contradiction according to § 16 para 2 Z 2 to document.

(6) the verification of identity of the ELGA participants (para. 4) must Z 10 lit for the access and the use of ELGA health data for the purposes stated in § 14 para 2 through 1 ELGA health service provider pursuant to section 2. a, b, d and e and the ELGA Ombudsman's Office in accordance with § 2 Z 14 no longer than 28 days and 2. ELGA health service provider in accordance with § 2 No. 10 lit. (c) not more than two hours behind.

(7) by way of derogation from paragraph 6 ELGA participant can an ELGA participants/one one or more ELGA health service providers of special trust in accordance with § 2 No. 10 lit. a, b, c, and e in conjunction with § 21 para 2 with its consent, a period of up to 365 days.

(8) except for the cases referred to in § 17 paragraph 4 representations may be registered E-GovG by ELGA participants-seekers in electronic transactions solely in accordance with article 5, paragraph 1, where: 1 place the Sourcepin a bPK the ELGA participant the ELGA participant to enter is, and 2. the permission for access to ELGA separately must be entered.

(9) ten years after knowledge of the death date of ELGA participant of ELGA participant has the Association data stored in the patient index of / to automatically delete the deceased.

Verification of identity by ELGA health service providers and the ELGA Ombudsman's Office

Section 19 (1) to verify the identity of ELGA health service providers and the ELGA Ombudsman's Office is a health service provider index by the Federal Minister of health to establish and maintain. To be included in the health service provider index data must be determined from the eHVD and include the information pursuant to § 10 para 1 sub-para. 1 to 8.

(2) the identity by ELGA health service providers or the ELGA Ombudsman's Office is to determine Z 1 to 8 through identification of the data pursuant to article 10, paragraph 1, where this data through 1 suitable identification cards of the e-card system (sections 31a ff ASVG) or 2 using of a citizen card (§ 2 Z 10 E GovG) or 3. using electronic signatures, which must be traceable to qualified certificates, to be made.

(3) verifying the identity established in accordance with paragraph 2 in electronic form has by matching the data determined in accordance with paragraph 2 to be the data stored in the health service provider index.

ELGA health data


Section 20 (1) If is anything else results para 2 subpara 2 §§ 15 para 2 and 16, have ELGA health service provider ELGA health data in according to § 28 para. 2 Z 5 appropriate data stores that must reside in the territory of the European Union, to save (§ 13 para 3). ELGA health data already stored cannot be changed. Circumstances emerge, which can lead to a significant change of treatment, is an updated version in addition to save. Contracting Authority for storage is the respective ELGA health service provider.

(2) If is the § 15 para 2 and 16 para 2 anything else results no. 2, have ELGA health service provider in reference directories, which must be in the territory of the European Union to save (§ 13 para 3). This does not apply in cases in which ELGA participants have objected to the inclusion of references. Contracting Authority for storage is the respective ELGA health service provider.

3 ELGA health data, as well as electronic references to it are distributed for ten years, notwithstanding other legal documentation obligations, to save. Then the electronic references and ELGA health data by the operators are Z according to § 28 para 2 to delete 5 suitable data storage and reference register for ELGA; If delete due to other legal documentation requirements or according to § 22 para 5 No. 1 is excluded, the references for ELGA are inaccessible.

(4) by way of derogation from paragraph 2 and 3, medication data according to § 2 No. 9 are lit. b 1 without storing recording electronic references central to ELGA and 2nd one year from delivery of the person responsible for the technical operation automatically to delete.

(5) electronic references are to create automatically and shall contain: 1. data related to the / the ELGA-participants/in: a) the bPK-GH the ELGA participant the participant on ELGA or b) local patient/inn/en identifiers, 2. data relating to the ELGA health service provider: a) the unique identifier of the ELGA health service provider that is responsible for the recording of ELGA health data, b) the natural person who has saved the ELGA health data in ELGA , 3. data relating to the ELGA health data: a) the location of ELGA health data, b) the unique identifier of the ELGA health data, c) date and time of creation of the ELGA health data, d) pointing out any earlier versions of this ELGA health data, e) if present, a structured note on the medical name of ELGA health data, as well as f) date and time at which the electronic reference to ELGA health data was recorded in register reference.

Permission system

Section 21 (1) is the permission system of the ELGA system partners to set up and operate. It is used to manage the access permissions and the control of access to ELGA health data. Without permission, you cannot appear ELGA health information nor references.

(2) in the light of the general permissions that specify which default accessibilities are permitted, may: 1 members of the medical profession (§ 2 Z 10 lit. a) on all ELGA health data (§ 2 Z 9), 2 members of the dental profession (§ 2 Z 10 lit. b) to ELGA health data in accordance with § 2 No. 9 lit. a and b, 3. pharmacies (§ 2 Z 10 lit. c) on medication data according to § 2 No. 9 lit. b, 4 hospitals (§ 2 Z 10 lit. d) on all ELGA health data (§ 2 Z 9), 5. facilities maintenance (§ 2 Z 10 lit. e) on all ELGA health data (§ 2 Z 9), 6 representatives pursuant to § 14 para 2 subpara 2 lit. (b) on all ELGA health data (§ 2 Z 9) and 7 employees of the ELGA Ombudsman's Office on all ELGA health data (§ 2 Z 9) access.

3 ELGA participants may by means of individual access permissions: 1. within the general permissions electronic references or, and ELGA health data including medication data for ELGA health service providers or references for ELGA are inaccessible to make, hide and delete if deletion due to other legal documentation requirements or according to § 22 para 5 No. 1 is excluded, or 2. shorten periods for existing permissions pursuant to § 18 para 6 3 set an ELGA health service provider of special trust with his consent in accordance with section 18, paragraph 7.

Logging system

Section 22 (1) is the logging system of the ELGA system partners to set up and operate. The logging system is used for documentation and traceability of the use of ELGA health records.

(2) any use by ELGA health data in the context of ELGA is to log with DSG 2000 pursuant to § 14: 1 date and time of use, 2. the unique log transaction number, 3. type of use operation, 4. the unique electronic identity of the ELGA health service provider or the ELGA Ombudsman's Office, the the operation has triggered /, 5 the name of the natural person who has actually used the ELGA health data, 6 the unique identifier of the ELGA health data , 7. the query criteria, as well as 8 error messages for other queries, if they lead to error messages.

(3) the log data referred to in paragraph 2 are to be kept three years after access and readable and available to keep.

(4) ELGA participants have the right to get information about the log data relating to them and to use them in accordance with article 16, paragraph 1 Z 1. The output of this logging data has to be simple and clear.

(5) the logging data in accordance with paragraph 2 is not personal may be used, except for: 1 the judicial or extrajudicial enforcement and defense claims made legal claims or 2. ensuring the use according to on the role (section 5) or 3 for information by ELGA health data update or 4. in the case of technical need or 5th indirectly personal data to the optimization and evaluation of ELGA.

(6) ELGA health service providers in accordance with § 2 No. 10 lit. a and c have the right to get information about the log data and use, which relate to the use of operations made by them.

(7) the ELGA system partners have to make ELGA, that modification by ELGA health data that can lead to a significant change in the treatment or care history (§ 20 para 1 third sentence), those ELGA health service providers who have accessed the ELGA-health data in the non-updated version, in accordance with section 21 paragraph 3 in ELGA available.

Access portal

Section 23 (1) the Federal Minister of health has to run a publicly accessible health portal to provide quality assured health information for the public.

(2) this health portal is that must review the unique identity of the ELGA participants pursuant to § 18 para 4 ensure access portal of ELGA, the 1 Z 2 and offer 2 functions to the safeguarding of participants / rights under sections 15 and 16.

(3) ELGA health service providers may access the access portal to health data by ELGA participants-seekers only in compliance with the provisions of this Federal Act.

(4) the health portal can offer access to other health-related electronic services.

Rights to ELGA

Use the ELGA components of 1 patient index (section 18), 24 (1) to maintain the financial equilibrium of the social security system is 2. health service providers index (section 19), 3. reference register (section 20), 4. data storage (section 20), 5 permission system (article 21), 6 logging system (article 22) and 7 access portal (§ 23) for determining the ELGA health data exposed by ELGA pursuant to § 14 para 2 free of charge.

(2) operators of data storing and reference tabs may be excluded regardless of its legal form, not as a service provider for ELGA, as soon as they meet the requirements of § 28 para 2.

5. section

Final provisions

Administrative penal provisions

Section 25 (1) who 1 violates article 3, par. 3 should fail, technically to ensure that there is no use of health data outside the permissible roller or 2. contrary to § 4 omits the identification of individuals, whose health data should be propagated, or health service providers or 3. contrary to article 5, paragraph 1 shall refrain from proof or examination of the role of health service providers or omits 4. contrary to article 6, to ensure the confidentiality of health data through data security measures , or 5 contrary to section 7 omits evidence or verification of the integrity of electronic health data or worse is 6 contrary to § 16 para 3 people in access to medical care or with regard to the expenses borne or 7 takes the easier conditions in accordance with § 27 para 10 or 12 claim, without meeting the prerequisites, or 8 as ELGA ELGA health data health service provider intentionally used, without being authorised ,


commits, unless the Act constitutes not a criminal offence falling within the jurisdiction of the courts or to other administrative penal provisions with stricter punishment is, an administrative offence and be punished up to 10 000 euro fine.

(2) as is, unless the Act constitutes not a criminal offence falling within the jurisdiction of the courts or is threatened after other administrative penal provisions more stringent punishment to punish who deliberately used 1 as employee of ELGA Ombudsman ELGA health data, without being entitled to do so, or 2. as employees of the Federal Ministry of health used ELGA health data, without being entitled to do so.

(3) in the cases of paragraph 1 Z 8 and paragraph 2 is also punishable.

Entry into force

26. (1) this federal law with 1 January 2013 enter into force.

(2) the Gesundheitstelematikgesetz, Federal Law Gazette I no. 179/2004, last amended by Federal Law Gazette I no. 36/2010, occurs at the end of 31 December 2012 override.

Transitional provisions

Section 27 (1) the Federal Minister of health has the access portal (article 23), the opposition points (§ 28 para. 2 No. 7) as well as the ELGA ombuds office (article 17) in accordance with the technical availability until 31 December 2013 to build and to provide that the perception of the participants / right is guaranteed and can be done in a timely manner. ELGA can be used at that time.

(2) if not a regulation according to § 28 para 2 determines later Z 4, § 13 para 3 from 1 January 2015 applies 1 hospitals in accordance with § 3 par. 2 b KAKuG, which are charged on country health fund, 2. the General accident insurance institution as far as ASVG operates hospitals in accordance with § 24 para 2 and 3 facilities of care according to § 2 No. 10 lit. e, as far as is technically possible to use the ELGA components (section 24) for use by ELGA health data.

(3) unless not a regulation in accordance with article 28, paragraph 2, applies later Z 4 down 1 July 2016 § 13 para 3 for 1 pharmacies pursuant to section 1 of the pharmacy Act, 2. freelance make doctors and physicians, 3rd group practices as well as 4 independent outpatient clinics in accordance with § 3a KAKuG, as far as the ELGA components (section 24) for use by ELGA health data technically possible is to use. This does not apply Nos. 4 and 6 but freelance doctors and physicians, group practices, and independent outpatient clinics (§ 3a KAKuG) with regard to the obligation pursuant to § 13 para 3, if this ELGA health service provider in no contractual relationship to a carrier are the statutory social security system.

(4) if not a regulation according to § 28 para 2 applies a later date determined from 1 January 2017 Z 4 § 13 para 3 for private hospitals in accordance with § 1 para 2 of private hospitals Financing Fund Act (PRIKRAF-G), Federal Law Gazette I no. 165/2004, as far as using the ELGA components (section 24) for use by ELGA health data is technically possible.

(5) from 1 January 2017 1 advance directives, 2. precautionary powers as well as 3 have in accordance with the technical availability the medical register (§ 2 Z 9 lit. e) are available to ELGA.

(6) if not a regulation according to § 28 para 2 determines later Z 4 § 1 January 2022 is 13 para 3 for 1 freelance dentists and dentists, 2 dental group practices, as well as 3 independent dental outpatient clinics.

(7) if not a regulation according to § 28 para 2 determines later Z 4 Z 1 has no later than 1 January 2015 as standard according to § 28 para 2 lit. a to c a search in the Dokumentenmetadaten document tab in any case to be possible.

(8) if not a regulation in accordance with § 28 para. 2 No. 4 determines later Z 1 has lit no later than 1 January 2015 as standard in accordance with § 28 para. 2. a to c a content consistent structure and outline, so that content in medical information systems can be taken over, or at least a unification of the outline of the contents, to make sure.

(9) if not a regulation in accordance with § 28 para. 2 No. 4 determines later Z 1 has no later than 1 January 2018 as standard according to § 28 para 2 lit. a to c an encoding of information in ELGA according to uniform specifications to be developed by the ELGA system partners with the participation of legal representatives, if they are affected in the functions to be performed by them,.

(10) proof or verification of identity, role or integrity are according to the provisions of the 2nd section (directional and non-directional communication) notably due to lack of existing technical infrastructure not reasonable health data may be distributed only, if at least the identities and relevant roles of health service providers involved in passing each other by 1 personal contact or 2. telephone contact or 3. Treaty provisions or 4 query of electronic directories a) the Austrian Medical Association or b) of the Austrian Chamber of dentists or c) of the Austrian midwife Panel or d) the Austrian Chamber of pharmacists or e) of the main Association f) of the Federal Ministry of health are confirmed.

(11) in the cases of paragraph 10 are Nos. 1 and 2 prior to the initial disclosure of health information between participating health service providers 1 date and contact, 2. the full name and relevant roles of health service providers involved in the deployment, 3rd to document the information on the accessibility of health service providers, as well as information on the individuals involved 4. to contact. Information accessibility is to keep constantly up-to-date.

(12) the communication of health data under the conditions of paragraph 10 Z 1 to 3 exceptionally via fax is permitted, if 1 the fax ports (including possibilities of expression to fax terminals are installed in computer equipment) protected from unauthorized access and use are 2 phone numbers are saved in particular, numbers, regularly, especially after changes in the equipment and after reinstalling fax machines has been proven their timeliness are examined by , 3. automatic redirects, except on the respective health service provider itself, are disabled, 4 the security mechanisms supported by the device be used and 5 remote maintenance features only available only for the agreed duration of the remote maintenance enabled.

(13) the facilitated conditions can be not taken after paragraph 10 and 12, if the use of health data in accordance with the provisions of the 2nd section with consideration on the level of the technical possibilities and on the economic justification (§ 14 para 1 DSG 2000) is reasonable.

(14) for the communication of health data, the facilitated conditions apply according to para 10 or 12 for all participating health care providers if the each facilitated conditions for at least one of the participating healthcare providers according to para 10 or 12.

(15) until 30 June 2016, § 6 not on transferring health data via radio for the purpose of emergency rescue services organisation is to apply.

Authority rights and regulation appropriations

Section 28 (1) the Federal Minister of health has on the basis of this law with regulation to set: 1 the roles of health service providers, where the requirements for the establishment of additional roles the Federal Minister of health in the respective Registrar at a port) a description of the nature and extent of the activities pursued, b) the prerequisites that are to meet for the pursuit of these activities, c) the designation of the legal basis , from the resulting permission to exercise the profession, as well as d) where which it decides to transmit, 2 after hearing a notified body in accordance with section 19 are suitable for SigG, which cryptographic algorithms for the current state of network security encryption in accordance with § 6 and 3. further modalities of registration pursuant to section 9, in particular the technical requirements, the data formats, the periodicity of the updating of the data and the security requirements to be complied.

(2) the Federal Minister of health has on the basis of this law with regulation to set for the section 4 (ELGA) in addition the following: 1. the structure, format, as well as the standards in accordance with sec. 27 paragraph 7, 8 and 9, for a) dismissal letters according to § 2 No. 9 lit. a sublit. AA, b) laboratory findings in accordance with § 2 No. 9 lit. a sublit. BB, c) findings of imaging Diagnostics including any image data according to § 2 No. 9 lit. a sublit. CC and d) medication data according to § 2 No. 9 lit. b in ELGA are to use, with internationally recognized standards, the economic justification, as well as the level of the technical options with respect to the degree of detail of the structures in the affected ELGA health service providers are taken into account, 2.

which relevant interaction, non-prescription medicines in accordance with § 2 No. 9 lit. b are, 3. the structure and format, for a) following report types (§ 2 Z 9 lit. dd a sub lit.): aa) pathology findings by specialists/physicians for pathology and hospitals within the framework of outpatient treatments, bb) other medical findings in the context of outpatient treatments (hospital ambulance, independent outpatient clinics, specialist outpatient clinics, area) and cc) ambulatory care reports, as well as b) automationsunterstützt created according to art. 14 par. 2 lit. b sublit. i 2011/24/EU directive concerning the pursuit of patient rights in cross-border health care (§ 2 Z 9 lit. f) to use in ELGA are where after a uniform standardization process composed of ELGA system partners and legal advocacy organizations, if they are affected in the functions to be performed by them, structure and format according to the criteria of no. 1 to set, 4. the respective time , from which in subpara 1 lit. (a) to (d), as well as that in no. 3 lit. a and b data mentioned in ELGA in accordance with § 13 para 2 and 3 in conjunction with § 1 to save Z 1 or to determine are, 5. standards for the search function in accordance with § 13 para 5, the temporal availability, components, where it must be ensured that maintenance operations are logged used the security requirements and access protection for ELGA and thereby either only encrypted data can be viewed or a four-eyes principle is ensured , 6 scope and level of detail of the information, as well as minimum requirements for the content of the placement pursuant to § 16 para 4, 7 those points, compared to the opposition in accordance with § 15 para 2 has to be done in good time so that the entry anyway before ELGA may be revoked and in which ELGA participants receive support in the performance of their students / right, 8 setting up an ELGA Ombudsman in accordance with article 17 , 9 the establishment of terminals with Portal functionality (§ 23) as well as service centers by the ELGA-system partners, 10 is the date from a uniform nomenclature for ELGA health data (§ 2 Z 9) must be used, 11 the operators of the permission system in accordance with section 21 or the operators of the logging system in accordance with section 22 as well as 12 the start and end of test phases for ELGA in conjunction with Nos. 1, 3 and 4, including a possible , independent evaluation.

(3) before issuing a regulation referred to in paragraph 2, a hearing of the legal entity by hospitals pursuant to section 3 para 2 anyway, has to be b KAKuG, which are charged on country health fund, the General accident insurance institution as far as ASVG operates hospitals in accordance with § 24 para 2, the Austrian Medical Association, the Austrian Chamber of pharmacists, the Austrian Chamber of dentists, the Austrian Chamber of Commerce, of the Confederation, the working community of patient advocates, as well as the countries.

(4) the Federal Minister of health after consulting the respective affected legal advocacy organizations, taking into account the section 27 par. 13, has regulation for certain healthcare providers each to set the time, from the disclosure of health data under the facilitated conditions § 27, paragraph 10 and 12 is in any case no longer allowed.

(5) in the case of the enforcement of sections 16a and 18 of the Federation on the instructions of the Federal Minister for health is bound.

Adoption and entry into force of regulations

§ Must be enacted already 29 due to this Federal Act from the day following the proclamation of the performed Act provisions; they may not however into force prior to the required legal provisions.

References

Paragraph 30 refers to this Federal Act other federal laws, they should be - as far as not expressly otherwise ordered - to apply in their respectively valid version.

Enforcement

§ 31. With the execution of this federal law, the Federal Minister of health is responsible.

Article 2

Change of the General Social Security Act

The General Social Security Act, Federal Law Gazette No. 189/1955, as last amended by the Federal Act, Federal Law Gazette I no. 89/2012, is amended as follows:

1 in § 31d, the expression is "planning to the".

2 the following sentence is added to in section 81, paragraph 1:

"This information shall contain the note, also for the insured persons and their family members that ELGA participants-seekers the right general opposition (§ 15 para 2 of the Gesundheitstelematikgesetzes 2012 [GTelG 2012], Federal Law Gazette I no. 111/2012), the permanent right of inspection (article 16, paragraph 1 Z 1 GTelG 2012), the right to inclusion by ELGA health data (§ 16 par. 2 Z 1 GTelG 2012), the opposition in some cases (§ 16 par. 2 Z 2 GTelG 2012)" ", the determination of the individual access permissions for health service providers and ELGA health data (article 16, paragraph 1 Z 2 GTelG 2012) as well as the possibility of employing the ELGA Ombudsman's Office (§ 17 GTelG 2012) is open."

Article 3

Amendment of the commercial law on social insurance

The commercial Social Security Act, Federal Law Gazette No. 560/1978, as last amended by the Federal Act, Federal Law Gazette I no. 76/2012, is amended as follows:

The following sentence is added to § 43 para 1:

"This information shall contain the note, also for the insured persons and their family members that ELGA participants-seekers the right general opposition (§ 15 para 2 of the Gesundheitstelematikgesetzes 2012 [GTelG 2012], Federal Law Gazette I no. 111/2012), the permanent right of inspection (article 16, paragraph 1 Z 1 GTelG 2012), the right to inclusion by ELGA health data (§ 16 par. 2 Z 1 GTelG 2012), the opposition in some cases (§ 16 par. 2 Z 2 GTelG 2012)" ", the determination of the individual access permissions for health service providers and ELGA health data (article 16, paragraph 1 Z 2 GTelG 2012) as well as the possibility of employing the ELGA Ombudsman's Office (§ 17 GTelG 2012) is open."

Article 4

Change of the farmers social insurance law

The peasants Social Security Act, Federal Law Gazette No. 559/1978, as last amended by the Federal Act, Federal Law Gazette I no. 76/2012, is amended as follows:

The following sentence is added to § 41 para 1:

"This information shall contain the note, also for the insured persons and their family members that ELGA participants-seekers the right general opposition (§ 15 para 2 of the Gesundheitstelematikgesetzes 2012 [GTelG 2012], Federal Law Gazette I no. 111/2012), the permanent right of inspection (article 16, paragraph 1 Z 1 GTelG 2012), the right to inclusion by ELGA health data (§ 16 par. 2 Z 1 GTelG 2012), the opposition in some cases (§ 16 par. 2 Z 2 GTelG 2012)" ", the determination of the individual access permissions for health service providers and ELGA health data (article 16, paragraph 1 Z 2 GTelG 2012) as well as the possibility of employing the ELGA Ombudsman's Office (§ 17 GTelG 2012) is open."

Article 5

Change of officers sick and accident insurance act

The officials-sick and accident insurance Act, Federal Law Gazette No. 200/1967, as last amended by the Federal Act, Federal Law Gazette I no. 35/2012, is amended as follows:

The following sentence is added to § 27 para 1:

"This information shall contain the note, also for the insured persons and their family members that ELGA participants-seekers the right general opposition (§ 15 para 2 of the Gesundheitstelematikgesetzes 2012 [GTelG 2012], Federal Law Gazette I no. 111/2012), the permanent right of inspection (article 16, paragraph 1 Z 1 GTelG 2012), the right to inclusion by ELGA health data (§ 16 par. 2 Z 1 GTelG 2012), the opposition in some cases (§ 16 par. 2 Z 2 GTelG 2012)" ", the determination of the individual access permissions for health service providers and ELGA health data (article 16, paragraph 1 Z 2 GTelG 2012) as well as the possibility of employing the ELGA Ombudsman's Office (§ 17 GTelG 2012) is open."

Article 6

Modification of the genetic engineering law

The genetic engineering Act, Federal Law Gazette No. 510/1994, as last amended by the Federal Act, Federal Law Gazette I no. 13/2006, is amended as follows:

1. in the section 71, paragraph 2, the expression is "Gesundheitstelematikgesetz, Federal Law Gazette I no. 179/2004" by the expression "Gesundheitstelematikgesetz 2012, Federal Law Gazette I no. 111/2012" replaced.

2. pursuant to § 112, 113 the following paragraph with heading shall be inserted:

"Entry into force provisions

"§ 113. § 71 para 2 in the version of the electronic health record Act, Federal Law Gazette I no. 111/2012, effective with January 1, 2013."

Article 7

Amendment of the Penal Code

The criminal code, Federal Law Gazette No. 60/1974, amended by the Federal Act, Federal Law Gazette I no. 61/2012, is amended as follows:

1. in article 121, paragraph 1, the word order is after the phrase "a hospital" "or another health service provider (§ 2 No. 2 of the Gesundheitstelematikgesetzes 2012, Federal Law Gazette I no. 111/2012)" added.

2. According to article 121, paragraph 1, the following paragraph 1a is inserted:

"(1a) as well is to punish, who requires the revelation (inspection or recovery) secrets of their State of health with the intention of illegally by a person to cause harm to the acquisition or the career advancement of this or another person in case of refusal or compromise."

Fischer

Faymann