According to research by NDR and Süddeutsche Zeitung, numerous medical practices in Germany are insufficiently protected from hackers.
This is problematic because inadequate protection can result in patient data falling into unauthorized hands. Unfortunately, this is not a hypothetical scenario, because according to research by “Panorama 3” and SZ, practices have already been hacked.
This emerges from a confidential paper from the Gematik company, which is available to “Panorama 3” and “Süddeutscher Zeitung”. Gematik is majority owned by the Federal Ministry of Health and was commissioned by it to advance digitalization in the healthcare system.
The trigger for the security gap is the connection to the so-called telematics infrastructure (TI). It is actually intended to connect practices, hospitals and pharmacies and enable various applications, including electronic patient data. According to the confidential paper, more than 90 percent of practices connected to the TI health data network have security risks - meaning that hackers could easily gain access to the sensitive health data of millions of patients.
Often the only thing missing is a firewall
IT specialist Jens Ernst has been pointing out security problems since spring 2019. The reason for the security gap is the method in which practices were connected to the TI health network. There are two methods: the so-called parallel connection method and the so-called serial connection method. With the parallel connection method, additional technical protection such as a firewall would definitely have to be provided. However, this is exactly what is apparently missing in many practices. Many practices hire private IT service providers to bring their practice to the healthcare network.
According to research by “Panorama 3” and “Süddeutscher Zeitung”, more than 90 percent of the installations were carried out in parallel operation, which was rated as critical, by May 2019. Around 115,000 practices are now connected to the health data network.
[mk_ad]
2/3 of the practices examined were uncertain
On behalf of the Bavarian Association of Medical Specialists, Prof. Harald Mathis from the Fraunhofer Institute for Applied Information Technology FIT examined 30 practices that were connected with problematic parallel operation. “A third were safe and the other two thirds were in deplorable condition,” says Mathis. IT specialist Jens Ernst sees the federal government as responsible. Among other things, he criticizes the fact that IT service providers are not state-certified.
The Ministry of Health denies the allegations. Upon request, it explains that the “IT networks in the practices are not part of the telematics infrastructure”. Safe installation is the responsibility of the practices. The company Gematik, commissioned by the Federal Minister of Health, adds that it has no contractual relationship with the service providers and “can therefore not directly influence the service providers”. According to the law, Gematik has the task of monitoring the implementation of the telematics infrastructure.
The consequences for patients can be considerable: practices with the critical parallel connection have already been hacked, as research by “Panorama 3” and SZ shows.
Federal Health Minister Jens Spahn now wants to improve the digital care law, which was passed in the Bundestag last week. The National Association of Statutory Health Insurance Physicians should develop guidelines for IT security in practices. However, this will only take effect from summer 2020.
“Panorama 3”: Tuesdays at 9:15 p.m. on NDR television. More about the show at www.NDR.de/panorama3
Source: Press portal/NDR
Also interesting:
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

