Privacy Mental Models of Electronic Health Records: A German Case Study


Rebecca Panskus, Ruhr-University Bochum; Max Ninow, Leibniz University Hannover; Sascha Fahl, CISPA Helmholtz Center for Information Security; Karola Marky, Ruhr-University Bochum and Leibniz University Hannover


Central digitization of health records bears the potential for better patient care, e.g., by having more accurate diagnoses or placing less burden on patients to inform doctors about their medical history. On the flip side, having electronic health records (EHRs) has privacy implications. Hence, the data management infrastructure needs to be designed and used with care. Otherwise, patients might reject the digitization of their records, or the data might be misused. Germany, in particular, is currently introducing centralized EHRs nationwide. We took this effort as a case study and captured privacy mental models of EHRs. We present and discuss findings of an interview study where we investigated expectations towards EHRs and perceptions of the German infrastructure. Most participants were positive but skeptical, yet expressed a variety of misconceptions, especially regarding data exchange with health insurance providers and read-write access to their EHRs. Based on our results, we make recommendations for digital infrastructure providers, such as developers, system designers, and healthcare providers.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {289504,
author = {Rebecca Panskus and Max Ninow and Sascha Fahl and Karola Marky},
title = {Privacy Mental Models of Electronic Health Records: A German Case Study},
booktitle = {Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023)},
year = {2023},
isbn = {978-1-939133-36-6},
address = {Anaheim, CA},
pages = {525--542},
url = {},
publisher = {USENIX Association},
month = aug

Presentation Video