"Data highway" of German healthcare: less hardware, more performance in future

The TI gateway is to improve Germany's "data highway of the healthcare system". Single-box connectors will no longer be needed in surgeries and clinics.


(Image: foxaon1987/Shutterstock.com)


As the digitalization of the healthcare system brings more and more applications, it is meant to make do with less, but more powerful, hardware. In particular, the existing connectors, which are intended for secure data exchange via the telematics infrastructure (TI), are to be replaced by high-speed connectors (HSK) and TI gateways. The Federal Ministry of Health wants to leave the world of connectors behind, as the authority announced last year.

According to Gematik, HSKs are to be used by hospitals, care homes and similar large facilities in a first stage, making the operation of many small connectors superfluous. With HSKs and TI gateways, an infinite number of access points can theoretically be connected in future; one HSK is able to replace 4,000 of the existing individual connectors. Up to 50,000 card terminals can be connected.

The new HSKs can consolidate the previous single-box connectors and significantly reduce the administrative workload. They also offer more performance by using standard hardware from the data center environment, which should speed up current and future applications. In contrast to the previous single-box connectors, which were primarily designed for doctors' surgeries, HSKs are primarily useful for large facilities.

Apart from the card terminal for the electronic health professional ID card and the Secure Module Card (SMC) of the "Betriebsstätte" type – i.e. the SMC-B for the practice or clinic – the customer does not need any other hardware. However, an HSK can be used for only one client, for example a hospital. The hospital must set up and operate the HSK on site. This means that an HSK is neither suitable nor intended for smaller facilities such as doctors' surgeries or pharmacies. For example, hospitals with separately operated medical care centers cannot use the HSK for both facilities, Janos Frank from Akquinet explains.

Gematik has planned the TI gateway as an alternative for the majority of facilities. Here, the HSK is virtually encased in security technology so that many users share a high-speed connector operated externally in a data center. Each client can only access their own separate instance of the high-speed connector. "Provider approval for the TI gateway requires product approval for the access module and product approval for the high-speed connector (HSK)," according to the corresponding Gematik specification.

The HSK from RISE is offered with the TI gateway, for which RISE recently received approval from Gematik. RISE thus promises "efficient and cost-effective integration, particularly for large facilities such as hospitals and care homes, but also for surgeries and mobile user groups such as midwives and nursing". Special hardware for accessing the TI is then no longer required. The access module connects users via a VPN channel. The planned protocols are IPsec/IKEv2, TLS and WireGuard; a completed security assessment of the latter will be published soon.

The connection to the telematics infrastructure is made via an SZZP. This stands for "Secure Central Access Point".

(Image: Gematik)

Frederic Naujokat from the manufacturer ehex compares the TI gateway to a car: "The HSK is the engine, the access module is the chassis and the intermediary is the tires." The intermediary coordinates the data flows between the systems involved, such as the practice management systems (PVS) or hospital information systems (HIS) and other services that are connected to the telematics infrastructure.

The TI gateway has an authorization management system with permitted role combinations. Roles include manufacturer, reseller, super administrator, remote administrator and local administrator.

With a concept on roles and components, Gematik wants to ensure that unauthorized persons cannot access medical information or personal data. It is intended to regulate which roles an employee can have.

(Image: Gematik)

As a rule, the other services of the TI gateway – the specifications recommend the integration of the KIM service, for example – are designed for redundancy, which should make failures less likely and the restoration of operations easier and faster.

According to RISE, Akquinet and ehex are in the final stages of approval. Akquinet and RISE are currently running Gematik-approved tests with hospitals on the HSK and the TI gateway. Secunet also received approval for an HSK last year, which can also be used in hospitals.

(mack)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.