[Secondary Use of Electronic Medical Record Data from Primary Health Care is Feasible: Report from RADAR Project].

Objectives It is difficult to obtain longitudinal 'real world' data from ambulatory medical care in Germany in a systematic way. Our vision is a large German research data repository featuring representative, anonymized patient and outpatient health care data, longitudinal, continuously updated and across different providers, offering a perspective of linking secondary care data or additional data obtained from research cohorts, for example patient reported data or biodata, and will be accessible for other researchers. Here we report specific methods and results from the RADAR project.Methods Survey of legislation, design of technical processes and organisational solutions, with a feasibility study to evaluate technical and content functionality, acceptability and performance fitness for health services research questions.Results In 2016, a multi-disciplinary scientific team initiated the development of a privacy protection and IT security concept for data exported from the electronic medical records (EMR) of physicians' practices in line with the European General Data Protection Regulation. Technical and organisational requirements for lawful research infrastructure were developed and executed for use in a specific case, namely ̒oral anticoagulation'. In 7 Lower Saxonian general practices, 100 patients were selected by their physician and their data - reduced to 40 essential data fields - extracted from EMR via a mandatory software interface after informed consent. Still in the practice, the data were split into identifying or medical data. These were encrypted and transferred either to a trusted third party (TTP) or to a data repository, respectively. 75 patients who met our inclusion criteria (minimum of one year of oral anticoagulation treatment) received a quality-of-life questionnaire via the TTP. Of the 66 returns, 63 responses were then linked to the EMR data in the repository.Conclusion Results from RADAR project proved the technical and organisational feasibility of lawful, pseudonymised data acquisition and the linkage of questionnaires to EMR data. The protecting concepts privacy by design and data minimization (Art. 25 GDPR with Recital 78) were implemented. Without informed consent, secondary use of routine data from ambulatory care which are sufficiently anonymized but still meaningful is all but impossible under current German law.