• 8 February 2021

FUTURE: FAST AND SECURE EXCHANGE OF HEALTH-RELATED DATA

FUTURE: FAST AND SECURE EXCHANGE OF HEALTH-RELATED DATA

The telematics infrastructure is intended to network all participants in the health care system. Medical information needed for the treatment of patients should thus be available more quickly and easily. The infrastructure is currently being further developed. Among other things, because the advancing digitalisation through videos of operations or high-resolution X-ray images brings with it ever larger amounts of data.

Body weight, blood pressure, blood count, X-rays: Conclusions about our health can be drawn on the basis of concrete data. Health often depends on the right data being available at the right time and in the right place. In an emergency, this can save lives. Data availability makes life safer.

Understandably, however, many are reluctant to make their health data more widely available. The information is sensitive, and data misuse is a phenomenon of our time. Health data must be secure.

The telematics infrastructure is intended to solve this problem and to network all those involved in the health system, such as doctors, psychotherapists, hospitals, pharmacies, health insurance companies, and to enable fast as well as secure communication between them. Telematics is a neologism made up of the terms telecommunications and information technology and describes the electronic storage, processing and exchange of health-related data. This can involve telemedical applications such as remote diagnosis and treatment.

Data security has top priority

At the highest security level, it enables healthcare actors to exchange information about patients. According to experts, it is the most secure framework for digital applications in the health sector and connects the various players such as doctors, dentists, psychotherapists, hospitals, pharmacies and health insurance companies with a digital network. Unlike the internet, however, it is always possible to trace which information originates from whom. In addition, it is possible to securely regulate who is allowed to access it. The telematics infrastructure is thus intended to make medical information needed for the treatment of patients available more quickly and easily. Data security has top priority.

Only authorised health institutions are connected to the telematics infrastructure and can receive the so-called connector. This corresponds roughly to a sealed internet router. Access to the telematics infrastructure is via a connector. It is similar to a DSL router, but works on a much higher security level. It establishes a so-called Virtual Private Network (VPN) to the telematics infrastructure, which enables communication completely shielded from the internet using modern encryption technologies on the basis of KIM (communication in medicine). From 1 January 2021 at the latest, all medical practices will need such a KIM communication service. Because from then on, they will be obliged under the Appointment Service and Care Act to send their patients' incapacity to work certificates electronically to the health insurance funds.

Access options to various sources

In order to access data, medical staff must identify themselves as authorised to the telematics infrastructure. This works via a physical smart card that must be inserted into the e-health card terminal, which in turn is directly connected to the telematics infrastructure via the connector. Last autumn, the Society for Telematics Applications of the Health Card (Gematik) approved the first e-health connector for use in the telematics infrastructure. This now makes medical applications such as the electronic medication plan or digital communication between service providers possible.

Currently, the telematics infrastructure is being further developed in a targeted manner. One example: according to Gematik CEO Markus Leyck Dieken, the advancing digitalisation is bringing with it ever larger volumes of data through videos of operations or high-resolution X-ray images. Gematik GmbH was founded in January 2005 by the leading organisations of the German health care system to promote the introduction, maintenance and further development of the electronic health card (eGK) and its infrastructure in Germany in accordance with the legal mandate. "For this reason, the TI should be less storage space and more a medium that creates access possibilities to various sources. It could, for example, provide keys with which authorised persons could access certain data sources," it says in the newsletter "Digital Health" of the business newspaper "Handelsblatt".

Telematics infrastructure security architecture to be reorganised

According to the report, access to the system is also to become more flexible. Until now, doctors and patients have needed three different chip cards. Practices and clinics also need a connector, a kind of router box, to access the system. In times of fingerprint sensors and online logins, this technology is a lot of things, but certainly not accepted by the users. Leyck Dieken from Gematik now wants cards and connectors to give way to a digital identity by 2023 at the latest, with which patients and doctors can access the TI conveniently and regardless of location. It goes on to say: "The TI security architecture is also to be changed. It is to be extended to various systems. In addition, it is to be automated and no longer controlled only by humans. Gematik also wants to ensure that data exchanged via the telematics infrastructure is collected under uniform standards so that it can be processed everywhere and independently of the system.

The Federal Office for Information Security is responsible for the security certification of components and products in the telematics infrastructure. Since incorrect handling of health data can be potentially life-threatening - for example, if a medication dosage could be manipulated by a factor of 10 during transmission - the requirements for all components of the telematics infrastructure meet the highest security standards. Further security arises from the complex interplay of access codes, passwords and physical authorisations.


* This text may contain translation errors as the translation was performed by an online translation tool.