
Case Study

System solution from genua ensures gematik-compliant networking in healthcare


Companies that want to have service providers connect to their IT in a reliable and scalable manner can accomplish this securely with the appropriate solutions from genua. These satisfy the strict requirements of the Gesellschaft für Telematik-Anwendungen der Gesundheitskarte (gematik, official body for the e-Health infrastructure in Germany) and of the German Federal Office for Information Security (BSI). Furthermore, the solutions are easy to implement and operate.

gematik-Compliant System Solution from genua

The system solution from genua combines the Firewall & VPN Appliance genuscreen, as central firewall and VPN concentrator, with the High Resistance Firewall genugate for the Secure Internet Service (SIS).

Firewall & VPN Appliance as VPN Concentrator

The Firewall & VPN Appliance genuscreen is used as a central access point for the VPN access service for service providers. It protects the network against unauthorized access; VPN connections from the connectors are accepted after careful inspection. Due to the high requirements placed on performance and availability, the solution from genua bundles several appliances together to form high-performance and fail-safe clusters. The German Federal Office for Information Security (BSI) certified genuscreen according to Common Criteria (CC) level EAL 4+ and approved it for data up to the German classification level RESTRICTED. In the backend, genuscreen thereby makes an important contribution to the high security level of the overall solution.

Firewall Monitors Data Traffic for Secure Internet Service

Via the VPN connector, service providers can use the Secure Internet Service (SIS) to access medical portals on the Internet in accordance with the gematik specification. A three-level firewall solution with the High Resistance Firewall genugate as a central system ensures high-quality security. The firewall from genua analyzes all data traffic on the application level and enables virus scanning, content filtering, blacklisting, anomaly detection and much more. With a BSI certificate according to CC EAL 4+, the strong security performance of the genugate firewall has been verified by independent experts.

Protecting Telematics Infrastructure with Medical Devices: Advantages of the Solution from genua

1. Avoid cyber attacks

Remote maintenance solution from genua
If remote maintenance is not performed securely, for example because service providers are insufficiently identified and authenticated, points of entry open up in the medical IT landscape. In the event of damage caused by, for example, cyber attacks, important medical devices could be tampered with or even fail. There is a risk that the health of patients could be endangered.
  • Focus on security and high availability
  • Authentication and encryption
  • Access restricted to maintenance object
  • Medical device operator has full control over the maintenance process and network opening
  • Security patches for all remote maintenance components centrally distributable

Best-possible safeguarding of medical devices in an open IT landscape.

2. Protect sensitive patient data

Remote maintenance opens a potential point of entry for third parties into the customer's network. It is generally possible to read out highly sensitive patient data. Moreover, this data is transferred where necessary to the service provider's control center via the Internet and thereby potentially exposed. This is absolutely unacceptable given the sensitivity of the data and the strict legal requirements (BDSG, GDSG, StGB).
  • Guarantee of confidentiality
  • Access is controlled and limited exclusively to the medical device that is to undergo remote maintenance; access by unauthorized third parties beyond this network segment is blocked
  • Highly secure data encryption
  • Support of risk management (MPG and DIN EN ISO 14971)

The protection of sensitive patient data has top priority at all times.

3. Prevent the spread of malicious software

Remote maintenance requires an opening in the target network. There is thereby a risk that malicious software can be introduced either intentionally or unintentionally by service providers or attackers. Without protective measures, malicious software can spread unhindered throughout the customer's entire IT network, spy on data, tamper with control systems and disable central medical supply devices.
  • Encryption, authentication and access control
  • Injected malicious software is encapsulated in a network segment of the maintenance object
  • Infections caused by USB sticks are limited to one network segment and can be examined and rectified there

Risk to the customer's IT landscape is kept to a minimum.

4. Retain control

Remote maintenance requires trust in third parties. Hospitals and other medical device operators need to open their IT network for medical device manufacturers and service providers who perform monitoring and maintenance services on high-availability, complex devices.
If damage occurs on remotely monitored medical systems, the question of liability quickly comes up. If the remote maintenance work cannot be traced and, above all, verified in detail, it is difficult to present the necessary evidence in the event of a legal dispute.
  • Maximum transparency for medical device operators and service providers
  • Comprehensive logging functions
  • Video recording of all processes during the remote maintenance work
  • Ability to follow all maintenance work in real time
  • Archiving of videos as well as of transferred and executed maintenance

Access can be traced in a tamper-proof manner; the evidence is clear at all times.

5. Ensure usability and easy administration

Remote maintenance and the safeguarding of that maintenance require additional IT components in the networks of medical device operators. IT infrastructures are becoming increasingly complex and barriers arise for employees: the susceptibility to failure increases and usability decreases. As a result, additional, specially qualified specialists become necessary for administering the remote maintenance solution.
  • Management station enables central administration
  • Convenient remote maintenance app
  • Preconfigurable processes for medical personnel and external service providers
  • Session is released, executed and completed with just a few clicks of the mouse


Highlights of the "gematik-ready" System Solution From genua

  • High-security connection of service providers to the telematics infrastructure
  • Solution already undergoing testing and approval process at gematik
  • Compliant with the protection profile of the BSI for the VPN access service of the TI

Further Information

Checklist of BSI recommendations for secure remote maintenance: the remote maintenance solution from genua satisfies all security recommendations of the BSI.
