Applications in the healthcare sector: TÜVIT receives accreditation for BSI TR-03161

February 16, 2023

Having received official accreditation, TÜVIT will carry out tests according to BSI TR-03161 with immediate effect. The technical guideline gives manufacturers of applications in the healthcare sector guidance for creating secure solutions.

Records of pulse and heart rate, sleep data or medication plans: healthcare applications store and process a lot of personal and sensitive data. If this data falls into the hands of attackers, this can sometimes have serious consequences – both for users and for manufacturers. It is therefore all the more important to protect such applications from data theft or misuse as well as possible.

With the successful accreditation according to BSI TR-03161, TÜV Informationstechnik (TÜVIT) now offers manufacturers of applications in the healthcare sector tests according to the security requirements of the technical guideline. The aim of the TR is to protect the confidentiality, integrity and availability of sensitive data collected by healthcare applications. To that end, BSI TR-03161 contains a set of minimum requirements for the IT security of mobile applications, web applications and background systems in the healthcare sector. In addition, it can also be understood as a guideline for all applications that store or process sensitive data.

In accordance with TR-03161, the IT security experts at TÜVIT check, among other things, the purpose, the architecture, the source code, the cryptographic implementation and the data security of the applications under test. In doing so, they verify, for example, that the health application does not collect or process any data that does not serve its legitimate purpose, and examine whether IT security is taken into account as an integral part of the software development and life cycle. In addition to the testing aspects, TR-03161 also includes typical threat scenarios. To determine how resistant applications are to these, experienced pentesters from TÜVIT carry out targeted vulnerability analyses and penetration tests.

If a health application meets the requirements of BSI TR-03161, the Federal Office for Information Security (BSI) issues the desired certificate.

For manufacturers and operators of digital health applications (DiGA), the certificate according to BSI TR-03161 is also one of the necessary prerequisites for being included in the list of reimbursable digital health applications.
