Health and Technology, Volume 2, Issue 2, pp 123–135

Risk evaluation and security analysis of the clinical area within the German electronic health information system

  • Ali Sunyaev
  • Johannes Pflug
Original Paper


Germany is currently introducing a nationwide health information infrastructure. This infrastructure connects the existing information systems of various service providers and health insurers via a common network. An essential step towards the implementation of this system will be the introduction of an electronic health care smart card (eHC) for patients and a counterpart health professional card (HPC) for care providers. This article provides a risk analysis of the handling of these cards by both patients and physicians from an organizational point of view. On the basis of the information security audit methodology of the Federal Office for Information Security (BSI), the current security status of German healthcare telematics on the clinical side is evaluated. For this purpose, an appropriate framework specifically designed for the clinical area is first developed and explained in detail. Based on these findings it is possible to precisely check the workflows “patient admission”, “accessing emergency data” and “prescription of medicine” for inherent organizational threats. As a result, we proposed appropriate steps to mitigate potential risks and derived valuable hints for future process re-engineering upon the introduction of the new smart cards in hospitals. This article is based on our paper presented at the Bled Conference 2011.


Keywords: Electronic health card; eHealth; Organizational risk analysis; Information security management



Copyright information

© IUPESM and Springer-Verlag 2012

Authors and Affiliations

  1. Faculty of Management, Economics and Social Sciences, University of Cologne, Cologne, Germany
  2. Faculty of Computer Science, University of Vienna, Vienna, Austria
