Gematik Security Assessments
Are you looking for a trustworthy partner for the preparation of Gematik product or security assessments?
SRC GmbH is a leading independent company in the field of IT security and consulting services. Our team of highly qualified experts supports you in securing your IT systems and in complying with legal and regulatory requirements.
We specialise in the assessment and certification of products and services in the healthcare sector, particularly in the area of telematics infrastructure. On this page you can learn more about our comprehensive services, including product assessments, security assessments and consultancy services for regulated and non-regulated healthcare sectors.
Let our experts support you in the development and certification of your digital solutions in the healthcare sector and benefit from our many years of experience.
Product expertise telematics infrastructure
Products that are to become part of the telematics infrastructure in the health care system must meet various requirements for functionality, interoperability and security in order to be approved by gematik GmbH.
As proof of the safety-related suitability of a product, gematik requires a so-called product expert opinion for numerous approvals.
As part of the preparation of a product expert opinion in accordance with gematik’s guideline for testing security suitability (gemRL_PruefSichEig_DS), we test and evaluate the implementation of the requirements relevant to the approval object as independent experts. SRC can draw on a broad range of expertise from specialists. We are thus in a position to offer product testing from a single source.
Many of the services and products approved by gematik today, including popular services such as the electronic patient file, the e‑prescription, the central IDP service, basic and KTR consumer or the high-speed connector as well as the associated applications or apps for insured persons have been and are being assessed by our highly qualified experts.
Benefit from our many years of experience, which goes back to the beginnings of the telematics infrastructure.
In addition to product assessments, we are also happy to prepare all other assessments required for approval by gematik, such as security assessments for your products or operating environments or, as a BSI-approved testing laboratory, Common Criteria (CC) evaluations and Accelerated Security Certifications (BSZ) and accompany you through the approval process with our experience.
Product evaluations in the (as yet) unregulated area of the health sector
At the latest with the obvious gaps in the digitisation of the healthcare system, as they came to light during the Corona pandemic, it is clear that there is a particular need for action in the digitisation of processes, not only in Germany. This trend is also reflected in the Digital Strategy for Health Care and Nursing published by the Federal Ministry of Health in March 2023. In the coming years, it is to be expected that more and more new products and services will enter the market and thus the regulatory requirements in the previously unregulated market will also gradually increase, and not only within the framework of the telematics infrastructure, even though some new products will certainly interact with it.
Especially in this grey area of (as yet) unregulated products and services, questions of security and data protection should not be taken lightly, as the legislator already provides for severe penalties here.
With our many years of experience in auditing processes and products in digitalised healthcare, from apps, server applications and hardware to processes at manufacturers and operators of such solutions, we can also support you in the non-regulated area. Furthermore, we offer modular consulting services tailored to your needs to make you fit for upcoming certifications at an early stage. Especially questions regarding secure software architecture and necessary documentation for approvals or the requirements for different approval and testing procedures can be clarified already in the planning phase and save you from costly surprises later on.
Contact person:
Dr. Jens Putzka, eHealth Product Expertise
+49 (228) 2806 — 162
jens.putzka@src-gmbh.de, gutachten_ti@src-gmbh.de
Contact person
