Consulting on telematics infrastructure (TI)
Telematics infrastructure (TI)
Securely networked, legally compliant telematics infrastructure in healthcare.
We support providers and users with data protection, security and compliance, from initial connection to ongoing data use for long-lasting IT projects.
What is the Telematics Infrastructure (TI)?
The Telematics Infrastructure (TI) is a secure digital networking platform for the German healthcare system, linking doctors, dentists, psychotherapists, hospitals, pharmacies and health insurers. It enables the rapid and secure exchange of medical information to improve patient care.
Key applications of the TI are the electronic patient record (ePA), electronic prescription (e-prescription), electronic work incapacity certificate (eAU), electronic medication plan (eMP), emergency data management (NFDM) and secure communication in the medical sector (KIM).
All healthcare providers, such as doctors' surgeries, hospitals and pharmacies, are legally obliged to connect to the TI in order to use these applications and ensure efficient, digital healthcare. From mid-2025, this obligation will also apply to nursing homes.
What are the challenges for providers and users of telematics infrastructure services?
The use of telemedicine and health platforms presents specific legal and organisational challenges for providers and users that require careful planning and implementation.
- Contract management:
As a user or provider of telematics infrastructure services, you need precise contractual arrangements with external service providers or customers to ensure compliance and protection. - Commitment or authorisation:
Some organisations in the healthcare sector need to check whether they are required or even authorised to join the TI. - Approval:
All components and services must be approved by Gematik before they can be used in the TI. For this purpose, Gematik specifies specifications for security, interoperability and other aspects. - Privacy and IT Security:
TI services are subject to particularly high privacy and IT security requirements to ensure the confidentiality and integrity of the health data processed. - Access to insured data:
Once the ePA is introduced in early 2025, organisations and institutions will have to submit special applications if they want to gain access to insured data. - KRITIS/NIS2:
Providers of TI services fall under the scope of several IT security directives, such as Kritis, NIS2 or others. Accordingly, there are extensive compliance requirements.
How we support providers and users of TI services
- Legally compliant implementation: We support you in all aspects of legally compliant implementation of TI services - both as a user of these services and as a provider and developer.
- Joining the TI: We advise you on whether you are obliged or entitled to join the TI and support you in the implementation.
- Component and service testing: We test components and services with regard to Gematik's requirements and support you in the approval process.
- Comprehensive advice on data protection and information security: We support you in complying with GDPR and other data protection regulations, as well as in the area of IT security to ensure the protection of sensitive health data.
- Data protection audits and DPIA: We conduct data protection audits and conformity assessments for you, including data protection impact assessments, and prepare legally compliant data protection declarations.
- Data protection concepts: We create the necessary access, authorisation and deletion policies, as well as anonymisation and pseudonymisation policies.
- Contract drafting and review: We draft and review contracts with service providers or customers for IT services.
- ePA applications: We support you with applications for access to insured data from the ePA as soon as this is possible.
- Extrajudicial and judicial representation: We can represent you in the out-of-court enforcement and defence of claims, as well as in administrative and judicial proceedings.
- Compliance training: We provide tailored training for your team to ensure that all employees are aware of the legal requirements in the eHealth sector.
Intro
Our motto: secure, radical, digital.
SRD is the boutique law firm for digital projects, supporting you from kick-off to go-live. We combine technical innovation with compliance. We create radically clear legal scope for this.
Our awards
Our market solutions
The initial consultation is free of charge
We will provide you with a clear roadmap in just 30 minutes.
Tell us what you need and we will clearly explain what is possible.
Lawyer, Senior Associate | Berlin
Contact us
Your experts in health & life sciences
Lawyer, Senior Associate Berlin
Lawyer, Senior Associate Berlin
Lawyer Berlin