Gematik Security Assessments

Are you looking for a trust­worthy partner for the prepa­ration of Gematik product or security assessments?

SRC GmbH is a leading independent company in the field of IT security and consulting services. Our team of highly qualified experts supports you in securing your IT systems and in complying with legal and regulatory requirements.

We specialise in the assessment and certi­fi­cation of products and services in the healthcare sector, partic­u­larly in the area of telem­atics infra­structure. On this page you can learn more about our compre­hensive services, including product assess­ments, security assess­ments and consul­tancy services for regulated and non-regulated healthcare sectors.

Let our experts support you in the devel­opment and certi­fi­cation of your digital solutions in the healthcare sector and benefit from our many years of experience.

Product expertise telem­atics infrastructure

Products that are to become part of the telem­atics infra­structure in the health care system must meet various require­ments for function­ality, inter­op­er­ability and security in order to be approved by gematik GmbH.

As proof of the safety-related suitability of a product, gematik requires a so-called product expert opinion for numerous approvals.

As part of the prepa­ration of a product expert opinion in accor­dance with gematik’s guideline for testing security suitability (gemRL_PruefSichEig_DS), we test and evaluate the imple­men­tation of the require­ments relevant to the approval object as independent experts. SRC can draw on a broad range of expertise from specialists. We are thus in a position to offer product testing from a single source.

Many of the services and products approved by gematik today, including popular services such as the electronic patient file, the e‑prescription, the central IDP service, basic and KTR consumer or the high-speed connector as well as the associated appli­ca­tions or apps for insured persons have been and are being assessed by our highly qualified experts.

Benefit from our many years of experience, which goes back to the begin­nings of the telem­atics infrastructure.

In addition to product assess­ments, we are also happy to prepare all other assess­ments required for approval by gematik, such as security assess­ments for your products or operating environ­ments or, as a BSI-approved testing laboratory, Common Criteria (CC) evalu­a­tions and Accel­erated Security Certi­fi­ca­tions (BSZ) and accompany you through the approval process with our experience.

Product evalu­a­tions in the (as yet) unreg­u­lated area of the health sector

At the latest with the obvious gaps in the digiti­sation of the healthcare system, as they came to light during the Corona pandemic, it is clear that there is a particular need for action in the digiti­sation of processes, not only in Germany. This trend is also reflected in the Digital Strategy for Health Care and Nursing published by the Federal Ministry of Health in March 2023. In the coming years, it is to be expected that more and more new products and services will enter the market and thus the regulatory require­ments in the previ­ously unreg­u­lated market will also gradually increase, and not only within the framework of the telem­atics infra­structure, even though some new products will certainly interact with it.

Especially in this grey area of (as yet) unreg­u­lated products and services, questions of security and data protection should not be taken lightly, as the legis­lator already provides for severe penalties here.

With our many years of experience in auditing processes and products in digitalised healthcare, from apps, server appli­ca­tions and hardware to processes at manufac­turers and operators of such solutions, we can also support you in the non-regulated area. Furthermore, we offer modular consulting services tailored to your needs to make you fit for upcoming certi­fi­ca­tions at an early stage. Especially questions regarding secure software archi­tecture and necessary documen­tation for approvals or the require­ments for different approval and testing proce­dures can be clarified already in the planning phase and save you from costly surprises later on.

Contact person:
Dr. Jens Putzka, eHealth Product Expertise
+49 (228) 2806 — 162
jens.putzka@src-gmbh.de, gutachten_ti@src-gmbh.de

Contact person

Dr. Jens Putzka

Dr. Jens Putzka

Gematik Security Assessments