ZHAW study of the data volume in the health sector

The volume is growing very fast

Swiss doctors are still generating huge quantities of analogue data. However, new technologies are pushing the digitisation of the health sector forward, as are electronic patient records, which are also useful for the purposes of data protection.

Text: Christoph Widmer, Images: Strandperle,

The Swiss health sector is still using a lot of analogue data. This was confirmed by the “Swiss health data, today and tomorrow” study carried out by Swisscom Health in conjunction with the Zurich University of Applied Sciences (ZHAW). Swiss service providers are still producing 300 million A4 pages of health information every year. This is equivalent to 500,000 federal files, or 40 kilometres of files when they are laid out end-to-end. In comparison to other industries, the amount of digital data generated in the Swiss health sector is relatively low: 1,500 terabytes per year in the form of photos, x-ray images and other files. The majority of the data relates to cases of serious illness. Each inhabitant produces an average of around 23 megabytes of data every year.

Increasing data volume

Analysts expect the digital data volume in the Swiss health sector to grow around ten times faster than in all other industries on average. They predict that digital imaging processes will continue to develop and be used more widely. Wearables, mobile devices carried for prevention purposes or used in the health portals of employers, health insurers or fitness centres also continuously generate further data.

Data protection will be more important than ever

Service providers are subject to strict guidelines that dictate how health information may be used. Confidential medical information should only be exchanged via secure connections or in encrypted form, because it must be possible to trace back who transferred which data to whom, and for what purpose. Service providers are permitted to store digital health data in the Swiss cloud – without the patient’s consent. However, the cloud provider, as an auxiliary, must be qualified and must be working under the supervision of the service provider. The doctor must delegate the confidentiality and secrecy obligations in writing to the external IT service provider.


However, the doctor remains responsible for the data. He/she must also inform the patient about the risks involved in using apps and wearables. If the doctor wants to view or use the resulting data, he/she requires the patient’s consent, which the patient may provide verbally or via signature or mouse-click. In the process, the doctor must inform the patient precisely about the type, scope and purpose of the data usage.

Electronic patient records: secure and efficient

The authors of the study emphasise that not all service providers are equally familiar with the legal principles that govern how digital data may be used. However, electronic patient records could make thing clearer. Their purpose is not only to make the Swiss health sector more efficient but also to increase the quality of treatment. The Federal Law on Swiss Patient Records (EPDG) came into effect in April and standardises data protection and data security relating to the exchange of digital health data. Thus, the EPDG not only regulates security-relevant aspects relating to the opening of an electronic patient record, it also clarifies the access rights of service providers, data access in medical emergencies and the identification of patients and health professionals in the electronic patient record. Therefore, the foundation has already been laid for a digitised health sector.

More on the topic