Is electronic patient record (EPR) secure?

As the Swiss Federal Council has announced its intention for the electronic patient record to become a main component of the swiss healthcare system, let’s take a closer look at its security aspects.

In recent years, the electronic patient record has stirred quite a bit of digital discussion. What are its advantages? Is it really that safe? Lets’ find out in this article!

What is the electronic patient record?

Let’s start with a quick refresher. The electronic patient record (EPR) is the digital collection of a patient’s health data. It enables the sharing of medical information between patients and healthcare professionals. The EPR includes only the medical data that the patient chooses to include.

However, it’s not a duplicate of the medical file — that still falls under the responsibility of healthcare providers. The medical file may contain additional notes, such as the treating physician’s observations. In Switzerland, some healthcare professionals are already required to offer the electronic patient record!

Is the electronic patient record secure?

The EPR is considered secure, but there are some important details to know to better inform your patients. The following key points are confirmed by the official electronic patient record website (dossierpatient.ch):

Security standards governed by law

The security of the EPR is regulated by Swiss legislation. Under the

Federal Act on the Electronic Patient Record (EPRA), EPR providers must meet high standards for data protection and carry out regular audits.

Data storage and privacy protection

The security of the EPR is ensured through various means: health data is stored exclusively on servers located in Switzerland, guaranteeing the highest level of security and compliance with Swiss data protection laws. All information is also stored in encrypted form, preventing unauthorized access.

Access rights and patient control

One of the key security features is that only healthcare professionals who have been explicitly authorized by the patient can access the EPR. This means patients retain full control over their data and can grant or revoke access as needed. Employers and insurance companies have no access to this information.

Advantages and disadvantages of the EPR

Advantages of the EPR:

Convenience for patients: all information (test results, medications, vaccination certificates, etc.) is centralized in one place.
Time-saving: avoids repeat tests or delays in data transfer between specialists.
Data control: patients decide who can access which documents, and can limit access to sensitive information.
Smoother care pathway: targeted, shared access improves follow-up between healthcare providers. It’s also a great first step toward digitizing your practice.

Potential drawbacks of the EPR:

Access management errors: having patients manage access rights themselves can be a burden or lead to mistakes (forgetting, incorrect settings).
User adoption: both patients and professionals need to be familiar with the tool, which can take time.
Lack of information: if a patient restricts access to important documents, specialists may not have a complete view of the medical situation.

EPR security in a nutshell

While electronic patient records come with certain security challenges, they also offer strong solutions and help significantly reduce data breaches. In short, EPRs are not only useful for improving care quality but also for safeguarding patients’ medical data.

Not a OneDoc User yet?

Book a free demo!

On the same topic

Prepare your medical practice for TARDOC: 5 Essential steps

General practitioners

Preparing your medical practice for the transition to TARDOC: 5 practical steps

19/03/2025

How can I change my practice software without stress and without interrupting my daily work

General practitioners

How to easily offer online booking to your patients? OneDoc is compatible with your medical software!

11/02/2025