
Excerpt of services
Few industries combine regulatory pressure, data sensitivity, and the need for digitalization as intensely as healthcare. We know this environment from many years of project work – and provide consulting services where mistakes are not an option.

ISMS setup & certification
Based on BSI IT baseline protection and ISO 27001 – with a focus on patient data and critical infrastructure requirements.

Telematics infrastructure
Consulting on TI connection, ePA, e-prescription and ISIK interfaces according to gematik specification.

NIS-2 & KRITIS Implementation
Gap analysis, action plan and implementation support for operators in the health sector.

KHZG projects
Conception and management of digitization projects according to KHZG funding criteria.

IT Strategy & Roadmap
Target vision, principles and roadmap – aligned with the transformation goals of statutory health insurers or hospitals.

Interim CIO / CISO
Taking on temporary management roles – with proven experience in statutory health insurance and hospitals.

Reference excerpt
Our project experience in the healthcare sector is more extensive than presented here. A large portion of our mandates are subject to strict confidentiality agreements – particularly with statutory health insurance organizations and operators of critical infrastructure, where a publicly known security architecture is a risk in its own right. The following excerpts show anonymized project summaries. We provide complete reference documentation upon request during tendering processes.

Statutory health insurance
Statutory health insurance · Nationwide · NDA
ISMS Implementation & ISO 27001 Certification: Development of a comprehensive ISMS according to BSI IT Baseline Protection and ISO 27001 for a statutory health insurance company with over 500,000 insured members. This included a needs assessment, risk analysis, and implementation support over 20 months. The project concluded with successful initial certification.

University Hospital
University Hospital · Maximum Care · NDA
IT Strategy & Digitalization Roadmap: Development of a multi-year IT strategy with a target vision, principles, and prioritized measures. Consulting at the CIO level, integration of KHZG funding opportunities into the roadmap. Project duration: 12 months.

Association of Statutory Health Insurance Physicians
Association of Statutory Health Insurance Physicians · State level · NDA
NIS-2 Readiness & Critical Infrastructure (KRITIS) Preparation: Gap analysis against NIS-2 and the KRITIS Regulation, creation of the security concept and action plan. Consultation on reporting obligations according to the German IT Security Act (BSIG) and coordination with BSI requirements. Completion with verifiable compliance documentation.

The project summaries are completely anonymized. We provide full reference documentation – including named contact persons on the client side – confidentially within the framework of tender procedures and upon qualified request.
