Digital health The secure exchange of medical data: telematics infrastructure
The telematics infrastructure (TI) enables the secure exchange of sensitive patient data between healthcare institutions. It is used by most citizens in Germany, for example when their electronic health card is scanned on visiting a doctor.
At a glance
- The telematics infrastructure (TI) is the German healthcare system’s self-contained network, which securely transmits medical data.
- Only technical components and applications that meet the high requirements with regard to data protection and information security are used.
- The German Federal Office for Information Security (BSI) regularly checks the technical components.
- Only registered individuals and institutions have access to the TI.
- Certain patient data can only be accessed or modified with health insurance holders’ consent.
What is the telematics infrastructure (TI)?
The word telematics combines the terms telecommunication and informatics. It refers to the networking of various IT systems and the ability to link different types of information from different sources. In the German healthcare system, the TI provides the basis for the secure digital exchange of data between medical practices, hospitals, pharmacies and other institutions.
Medical data is sensitive and must therefore be particularly well protected. This makes data protection and data security top priorities:
- The TI is a self-contained network that can only be accessed via special components and applications.
- All users must log in to gain access.
- Modern data encryption processes ensure that the data is protected during transmission and backups.
Who uses the telematics infrastructure?
Certain healthcare facilities are required to connect to the telematics infrastructure (TI). These include:
- hospitals
- medical care centers (MCCs)
- medical practices
- dental practices
- psychotherapy practices
- labs
- pharmacies
People belonging to other healthcare professions, such as midwives and physiotherapists, can use the TI on a voluntary basis.
Which applications does the telematics infrastructure enable?
The telematics infrastructure is the basis for various digital healthcare applications:
- Secure e-mail and data exchange (electronic doctor’s letters): health professionals and medical institutions can securely send and receive information and documents via the TI straight from management systems. For example, electronic doctors’ letters such as lab results or diagnoses, treatment and cost plans, invoices and sick leave notices.
- Comparison of the insured person’s master data on the electronic medical data card: this includes the person’s name, insurance number, date of birth and address. When read in a medical practice, this data is compared with that held by the health insurance provider and updated on the medical data card if necessary.
- E-prescriptions
- Electronic sick leave notices
Health insurance holders can also avail of the following optional services:
- Saving emergency information onto the medical data card
- Creating an electronic medication treatment plan, i.e. a document detailing prescribed medication and its doses
- The electronic patient record
Who has access to the telematics infrastructure?
Anyone who wants to use the telematics infrastructure (TI) applications to access or exchange data must be registered and present a card for identification. The card has a digital key for the owner’s identity. Medical professionals use a personal healthcare professional ID for this purpose, while authorized healthcare facilities use a practice ID card (“Praxisausweis”). Both of these are PIN protected. Health insurance holders can connect to the TI using their electronic medical data card or health ID.
Medical practices and health institutions can only access, save or modify patient data with patients’ consent. They then establish a secure connection, whereby the central TI is accessed via special connectors or a TI Gateway and a virtual private network (VPN). A connector is a type of encrypted internet router exclusively reserved for healthcare institutions. However, a connector is not required in every practice. There are large data centers that make high-speed connectors available to a large number of practices. These fast connectors are also referred to as a “TI Gateway”. In the TI, all data is transmitted in encrypted format and securely stored on German servers.
Health professionals that access data in the context of the telematics infrastructure applications or want to exchange it must show evidence that they are entitled to do so with a health professional card called a Smartcard. If required, this card is inserted into an e-health card terminal connected to the telematics infrastructure through the connector. The institution card ensuring an institution’s authorized access to the telematics infrastructure is also in this e-health card terminal.
In order for certain patient data of a patient with statutory health insurance to be accessed or changed, the patient’s electronic medical data card must be available and scanned. People with private insurance must grant access via the ePA app.
More information about the telematics infrastructure and about access options in particular is available on the website of the German National Agency for Digital Medicine (Nationale Agentur für Digitale Medizin, gematik).
Health professionals that access data in the context of the telematics infrastructure applications or want to exchange it must show evidence that they are entitled to it with a health professional card called a Smartcard. If required, this card is inserted into an e-health card terminal connected to the telematics infrastructure through the connector. The institution card ensuring an institution’s authorized access to the telematics infrastructure is also in this e-health card terminal.
In order to access or change certain patient data, the patient’s electronic medical data card must also be available and scanned. In purely practical terms, access is therefore only possible if the patient hands over the card for this.
How does the telematics infrastructure ensure data security?
Medical data has to be particularly well protected as it is of a sensitive nature. As a result, only approved components and services that meet the high requirements with regard to data protection and information security are used in the telematics infrastructure. This is continuously monitored during operations.
Furthermore, the system can only be accessed by people who are authorized to do so and show appropriate identification. Some applications also require patients’ express consent and their personal medical data card to be scanned. People with private insurance must grant access via the ePA app.
To ensure long-term data protection and security, the telematics infrastructure uses an extremely high security standard with regard to encryption, which is constantly adapted in accordance with new developments. The German Federal Office for Information Security (BSI) regularly checks the encryption procedure used.
Further information about data protection and data security can be found in the article Digitization in healthcare – how does data protection work?
- gematik GmbH. Telematikinfrastruktur – das digitale Gesundheitsnetz für Deutschland. Aufgerufen am 31.01.2025.
- gematik GmbH. TI-Anbindung. Ihr Weg in die Telematikinfrastruktur. Aufgerufen am 31.01.2025.
- gematik GmbH. Whitepaper Datenschutz und Informationssicherheit in der Telematikinfrastruktur. Wir sorgen für die Sicherheit der Gesundheitsdaten. Aufgerufen am 31.01.2025.
- Kassenärztliche Bundesvereinigung (KBV). Telematikinfrastruktur. Aufgerufen am 31.01.2025.
Reviewed by the German National Agency for Digital Medicine (gematik).
As at:
