Summary of the article:
“Humanity-Centered Design” cares less about designing small things and more about designing political systems that solve 21st-century problems like the climate crisis, world hunger, poverty, etc. Thus, in addition to Human-Centered design, the focus is not only on individuals but on all of humanity and all living beings and their environment.
Our main takeaways:
The most important principle is to design together with the community and not for the community. Unfortunately, this is not feasible for our small student project. What we can do, however, is to examine how the electronic health record has so far been developed past the needs of the community.
Another important principle of humanity-centered design that we would like to use for our project is to solve the root cause of the problems, not just the problem itself.
Continually testing the design isn’t feasible either, because we do not have a test group. We might show it to the other people in the course or friends and family, but those tests are not representative.
More useful resources:
• Telematics infrastructure of gematik:
https://www.gematik.de/telematikinfrastruktur
• Bitmarck’s plan for future versions of the ePA
• Disruptions in the gematik telematics infrastructure: https://fachportal.gematik.de/ti-status#c7551
More resources on the Cyber attack:
• Bitmarck’s FAQ on the cyber attack
• Tagesspiegel’s article on the cyber attack, in which interesting questions are asked:
“When one considers the major role that the ePA is to play in the future for the treatment of insured persons and also for health research, one can nevertheless ask whether it is really such a good thing that 80 out of 96 health insurance companies depend on Bitmarck for IT issues. Measured in terms of the number of insureds, the company is also systemically important, with a one-third share of the SHI market. However, the success of the ePA stands and falls with the security of the data stored there.”
(https://background.tagesspiegel.de/cybersecurity/systemrisiko-bitmarck; translated to English)
• Heise article on the cyber attack
• Especially interesting comments on the Heise article:
„Umfangreicher Artikel zum Vorfall wünschenswert„
„Völlig vernachlässigt in der bisherigen Berichterstattung …„
„„Nachwirkungen“ ist völlige Untertreibung„
• More than one week after the cyber attack, the health insurance company SBK is not even reachable via e-mail: https://www.sbk.org/
The other W-questions:
1. What is the challenge you would like to tackle?
For example, the registration process is challenging, the privacy policy is not well explained, and the utility of the app is not transparent.
We aim to address the infrastructure supporting the ePA (electronic health record) across DAK, BKK24 and TK, and explore whether they share a common backend and infrastructure, as well as the associated risks.
2. Why do you expect your engagement to be useful?
Why is that an interesting problem?
We believe that this investigation could uncover potential challenges faced by ePA providers and offer recommendations for addressing them, while also fostering a more human-centered approach to the topic.
The investigation is also useful for the insured. For decades, the main reasons for choosing a health insurance company were the offers for insured persons: particularly favorable prices or reimbursements for certain examinations and medications that are not reimbursed by other health insurance companies. With the increase in cyber-attacks, one now also has to worry about the IT service providers of health insurance companies. Which service providers are frequent victims of attacks? What is the crisis communication of the service provider and the health insurance company? How secure is my data? How long does it take after an attack for everything to get back to normal?
3. Who are your intended stakeholders?
And who might be the indirect stakeholders?
For example, elderlies, parents, people with a certain illness, etc.
Intended stakeholders involved would encompass health insurance providers, medical personnel, patients and people who want to change their health insurance company or need to choose a health insurance company for the first time, such as foreigners who want to work in Germany.
Indirect stakeholders may include the government, developers, hackers, researchers, and more.
4. Where is your user group interacting with your software?
For example, at home, in the hospital, or on the go.
Whether in the hospital, at home, or on the go, the mobility of the app enables it to be used anywhere, making it especially valuable to have readily available in case of an accident.
5. When is the user group interacting with your software?
For example, only when being in the hospital, while biking, or daily in the morning.
Every time information regarding medications or patient data is required. Besides that, users might be interested in their data outside a specific incident. Users will normally not interact with their ePA daily unless they are receiving treatment over a couple of days or weeks and have to add/look up information on a regular basis.
Unsere Reflexion der letzen Woche:
Wer hat welchen Beitrag geleistet?
Lilli hat die Aufgabe mit dem Artikel über Humanity Centered Design gemacht und angefangen, über den Cyberangriff auf Bitmarck zu recherchieren.
Christopher hat sich mit dem 5W´s beschäftigt, basierend auf dem Feedback aus dem letzten Tutorium.
Jan hat die Ergebnisse Aufgaben ergänzt und aufbereitet sowie den Blog Post veröffentlicht und einen Google Drive Ordner sowie zur Organisation erstellt.
Was habt ihr gelernt?
Der IT-Dienstleister Bitmarck hat gewaltige Macht und Verantwortung in der deutschen Gesundheitsinfrastruktur. Mehr als 80 Prozent der deutschen gesetzlichen Krankenkassen sind Kunden von Bitmarck, was insgesamt 25 Millionen Versicherte betrifft (https://www.bitmarck.de/unternehmen/ueber-uns/was-macht-bitmarck).
Das wichtigste Prinzip von Humanity Centered Design ist es, zusammen mit der Community – statt für die Community – zu designen
Was lief gut?
Wir konnten uns schnell auf unser Projektthema einigen. Insbesondere durch den kürzlich erfolgten Cyberangriff auf Bitmarck ist das Thema für uns hochaktuell, spannend, wichtig und motivierend.
Außerdem haben wir jetzt einen Google Drive Ordner, in welchem wir alle Ressourcen sammeln können.
Was möchtet ihr verbessern?
Ich (Jan) würde gerne etwas zeitiger die Aufgaben bearbeiten, komme aber persönlich nicht dazu, weil ich noch zwei andere Abgaben am Montag bzw. Dienstag habe. Wenn ich das Wochenende effektiver nutze, sollte das aber möglich sein.
Gute Zusammenfassung des Artikels und es ist in der Tat eine große Herausforderung „mit“ und nicht „für“ die Community zu gestalten. Die Gefahr beim „für“ besteht darin, dass eigene Vorstellungen umgesetzt werden.
Sie wirklich noch interessante Quellen gefunden. Könnten Sie diese bitte auslagern und in den Leseteil (Kategorie ePA) integrieren. Wirklich nur Copy&Paste. Damit ist Sie für nächstes Semester wieder verfügbar. Ansonsten ist mein Eindruck, dass das Trennen der 5W-Fragen in zwei Teile nicht sehr sinnvoll war. 😉