We are pleased to announce that SRC Security Research & Consulting GmbH is now recognized by the German Federal Office for Information Security (BSI) as an expert testing body for the Technical Guideline TR-03161. This important recognition underlines our commitment to the highest security standards and our expertise in IT security testing for digital health applications.
What is the TR-03161?
The BSI’s Technical Guideline TR-03161 is a central security standard for digital health applications (DiGA) and digital care applications (DiPA). The aim of the guideline is to ensure the confidentiality, integrity and availability of sensitive medical data. It is aimed at manufacturers of:
- Mobile applications: Minimum requirements for the security of apps.
- Web applications: Protection against threats in the healthcare environment.
- Background systems: Security of cloud systems and backend infrastructures.
As of January 1, 2025, compliance with TR-03161 is mandatory for the approval of DiGA and DiPA by the Federal Institute for Drugs and Medical Devices (BfArM).
Our services as a recognized inspection body
As a BSI-recognized testing body, we offer comprehensive support for manufacturers of digital health applications:
- Quick check and preliminary test: We check in advance whether your application meets the requirements for a successful test in accordance with TR-03161.
- Pre-pentest: We use automated and manual tests to evaluate your security measures and identify potential vulnerabilities.
- TR test: We carry out the evaluation according to TR-03161 and accompany you through the certification process at the BSI.
Why is certification important?
Certification in accordance with TR-03161 offers you and your users numerous advantages:
- Fulfillment of legal requirements: Prerequisite for inclusion in the DiGA directory of the BfArM.
- Building trust: Strengthens the trust of users and partners in the data security of your application.
- Protection against attacks: Minimizes the risk of data theft or manipulation.
- Reputation protection: Prevention of potential reputational damage caused by security incidents.
Place your trust in our expertise
With over 25 years of experience in IT security testing and compliance, SRC is your trusted partner on the road to TR-03161 certification. Our expert teams work closely with you to ensure that your application meets all requirements – from initial analysis through to successful certification.
Get in touch with us
Are you ready to take your digital health application to the next level of security? Contact us for a no-obligation consultation or a customized offer.
