The secure exchange of medical data: telematics infrastructure
The telematics infrastructure (TI) enables the secure exchange of sensitive patient data between healthcare institutions. It is used by most citizens in Germany, for example when their electronic health card is scanned on visiting a doctor.
At a glance
- The telematics infrastructure (TI) is the German healthcare system’s self-contained network, which securely transmits medical data.
- Only technical components and applications that meet the high requirements with regard to data protection and information security are used.
- The German Federal Office for Information Security (BSI) regularly checks the technical components.
- Only registered individuals and institutions have access to the TI.
- Certain patient data can only be accessed or modified with health insurance holders’ consent.
What is the telematics infrastructure (TI)?
The word telematics combines the terms telecommunication and informatics. It refers to the networking of various IT systems and the ability to link different types of information from different sources. In the German healthcare system, the TI provides the basis for the secure digital exchange of data between medical practices, hospitals, pharmacies and other institutions.
Medical data is usually sensitive and must therefore be particularly well protected. This makes data protection and data security top priorities:
- The TI is a self-contained network that can only be accessed via special components and applications.
- All users must log in to gain access.
- Modern data encryption processes ensure that the data is protected during transmission and backups.
- Electronic signatures prevent forgery.
Who uses the telematics infrastructure?
Medical, dental and psychotherapy practices, hospitals, medical care centers (MCC), laboratories and pharmacies are connected to the telematics infrastructure as authorized health institutions. From 2024, this list will also include outpatient care facilities. Midwives, physiotherapists and inpatient care facilities can connect voluntarily. Further health professionals and public healthcare institutions will also be able to do this in the future.
Which applications does the telematics infrastructure enable?
The telematics infrastructure is the basis for various digital healthcare applications:
- Secure e-mail and data exchange (electronic doctor’s letters): health professionals and medical institutions can securely send and receive information and documents via the TI straight from management systems. For example, electronic doctor’s letters such as lab results or diagnoses, treatment and cost plans, invoices and sick leave notices.
- Comparison of the insured person’s master data on the electronic medical data card: this includes the person’s name, insurance number, date of birth and address. When read in a medical practice, this data is compared with that held by the health insurance provider and updated on the medical data card if necessary.
- E-prescriptions
- Electronic sick leave notices
Health insurance holders can also avail of the following optional services:
- Saving emergency information onto the medical data card
- Creating an electronic medication treatment plan on the medical data card, i.e. a document detailing prescribed medication and its doses
- The electronic patient record
What are electronic health records and the ePA app?
The video below explains the benefits that the electronic health record or ePA for short brings and how data is transferred.
This and other videos can also be found on YouTube
Watch nowThe privacy policy indicated there applies.
Who has access to the telematics infrastructure?
Anyone who wants to use the telematics infrastructure (TI) applications to access or exchange data must be registered and present a card for identification. The card has a digital key for the owner’s identity. Medical professionals use a personal healthcare professional ID to this end and authorized healthcare facilities a practice ID card (Praxisausweis). These are both PIN protected. Health insurance holders can connect to the TI using their electronic medical data card.
Medical practices and health institutions can only access, save or modify patient data with patients’ consent. They then use special devices to generate a secure connection: the central TI is accessed via a connector – a kind of encrypted internet router exclusively reserved for healthcare institutions – and a virtual private network (VPN). In the TI, all data is transmitted in encrypted format and securely stored on German servers.
Access to the telematics infrastructure (TI) in a medical practice: patients identify themselves with their electronic medical data card, medical professionals with a practice ID card or healthcare professional ID. Access occurs via an encrypted internet router (connector), which generates a secure connection to the TI. Within this, data is transmitted in encrypted format and securely saved.
Health professionals that access data in the context of the telematics infrastructure applications or want to exchange it must show evidence that they are entitled to it with a health professional card called a Smartcard. If required, this card is inserted into an e-health card terminal connected to the telematics infrastructure through the connector. The institution card ensuring an institution’s authorized access to the telematics infrastructure is also in this e-health card terminal.
In order to access or change certain patient data, the patient’s electronic medical data card must also be available and scanned. In purely practical terms, access is therefore only possible if the patient hands over the card for this.
How does the telematics infrastructure ensure data security?
Medical data has to be particularly well protected as it is normally of a sensitive nature. As a result, only approved components and services that meet the high requirements with regard to data protection and information security are used in the telematics infrastructure. This is continuously monitored during operations.
Furthermore, the system can only be accessed by people who are authorized to do so and show appropriate identification. Some applications also require patients’ express consent and their personal medical data card to be scanned.
To ensure long-term data protection and security, the telematics infrastructure uses an extremely high security standard with regard to encryption, which is constantly adapted to new developments. The German Federal Office for Information Security (BSI) regularly checks the encryption procedure used.
Further information about data protection and data security can be found in the article Digitization in healthcare – how does data protection work?
- gematik GmbH. Telematikinfrastruktur – das digitale Gesundheitsnetz für Deutschland. Aufgerufen am 05.10.2022.
- gematik GmbH. Whitepaper Datenschutz und Informationssicherheit in der Telematikinfrastruktur. Wir sorgen für die Sicherheit der Gesundheitsdaten. Aufgerufen am 05.10.2022.
- Kassenärztliche Bundesvereinigung (KBV). Telematikinfrastruktur. Aufgerufen am 05.10.2022.
