Future-Proof Security Architecture for Healthcare Communications

Published 8 September 2023

Germany’s telematics infrastructure (TI) aims to allow healthcare professionals to exchange patient data securely, rapidly and from anywhere. The platform for healthcare applications will soon see a new, flexible and therefore future-proof security architecture. The aim is to make it easier to exchange data between all parties involved as well as to facilitate access to specialist services. In conjunction with Bundesdruckerei, CompuGroup Medical, D-Trust GmbH and genua GmbH, the Fraunhofer Institute for Applied and Integrated Security AISEC has laid down the design foundations for gematik, which is responsible for the TI: besides an architecture design based on zero trust principles and a migration plan, a demonstrator for the next-generation security architecture has also been developed. A proof of concept has also been carried out to demonstrate the feasibility of the architecture.

Electronic patient records, digital medication plans, e-prescriptions: These applications are all key elements of the telematics infrastructure (TI). The platform aims to deliver simple yet at the same time secure communication between medical practices, hospitals and other parties in the healthcare sector. Clinical information required for treating patients would then be available regardless of location. The national agency for digital medicine, gematik GmbH, is responsible for the TI. As well as the German Federal Ministry of Health (BMG), it counts medical associations, pharmacies, hospital and insurance groups among its stakeholders.

The telematics infrastructure is now set to receive a new security architecture, version 2.0. TI 1.0 has so far been a standalone, VPN-secured network that uses smart cards to identify the users taking part. However, the vast increase in TI users and ever-expanding digitalization bring with them new requirements in terms of scalability, availability, user-friendly security and mobile compatibility, which the existing security architecture can no longer meet.

Zero Trust Principles to Verify Every Access
The new TI security architecture is to be based on zero trust principles. Zero trust means that the actors in a system do not trust each other in principle, but that trust is verified on a continuous basis. This means trust is re-established every time a service’s resources are accessed and expires again afterwards. For this to happen, reliable evidence must always be provided for communication between the parties, justifying this trust.