SRC is a central technical partner for secure digital health applications and the telematics infrastructure in Germany and underlines this role with the largest pool of gematik-approved security assessors and proven test laboratory expertise in accordance with BSI TR-03161.
Growing expertise in the telematics infrastructure
At the end of the year, SRC once again has reason to celebrate: our team continues to grow – both in terms of the number of staff and the breadth of expertise. Back in October, Duaa Elsofi and Andreas Sitta successfully qualified with gematik as security assessors for the telematics infrastructure (TI). SRC is thus further expanding its pool of gematik-approved security assessors. SRC is thus further expanding the largest pool of gematik-approved security assessors in Germany. 11 of the 43 security assessors listed with gematik come from the SRC team – clear evidence of the high level of technical expertise and trust placed in SRC in matters of IT security The gematik-approved assessors play a central role in the security assessment of TI components, e.g. the electronic patient record (ePA) or the e-prescription specialist service. They lead assessment procedures in which compliance with demanding security requirements is checked – always in accordance with the security guidelines and evaluation requirements of the BSI and gematik.
Expansion of testing laboratory expertise in digital healthcare
Another milestone: in December, Andreas Sitta was also approved by the German Federal Office for Information Security (BSI) as a tester for the Technical Guideline TR-03161. This strengthens SRC’s expertise as a testing laboratory in the healthcare sector. Tests in accordance with TR-03161 are a key component in the approval of digital health applications (DiGA) and are also increasingly being used for mobile TI applications. They form the basis for the technical and safety-related trustworthiness of digital health products. Duaa Elsofi brings her many years of experience as a BSI-recognized Common Criteria Evaluator to the role of TI assessor. Her focus is on the assessment of complex security-critical systems such as identity providers (IdPs) and applications with trusted execution environments (VAU).
Coordination and test laboratory expertise in accordance with TR-03161
Andreas Sitta, Laboratory Manager for Mobile Health Applications at SRC, has extensive experience in the evaluation of ePA specialist services, e-prescription components and health insurance apps. As coordinator of the tests in accordance with TR-03161, he is responsible for the technical coordination and quality assurance of the expert reports that form the basis for certifications by the BfArM. With these qualifications, SRC once again confirms its leading role as an independent, technically excellent testing laboratory in the healthcare sector. The combination of in-depth technical understanding, standards-compliant evaluation experience and decades of expertise in the field of secure IT infrastructures makes SRC a key partner for manufacturers, system providers and authorities.
Further information on gematik-approved security assessors can be found at:
👉 https://fachportal.gematik.de/zielgruppen/sicherheitsgutachter
