Pentest for DiGA

The German Federal Ministry of Health believes that the healthcare systems of the Western world are facing major challenges, particularly in the care of the elderly and chronically ill, as well as in rural regions. Digital applications in healthcare can play an important role in this. Technical Guideline TR-03161 is aimed at the manufacturers of such applications and places particular emphasis on IT security, especially the confidentiality, integrity and availability of data.
Digitization, especially in healthcare, poses risks to the security of sensitive data. A compromised end device can cause considerable financial and health damage. Manufacturers should therefore already comply with high security standards in the development phase. The confidentiality of healthcare data is particularly critical, as a data leak is irreversible and can have far-reaching social and professional consequences.
Our pentests for DiGA (web and mobile apps) are performed following TR-03161 and customers submitting our pentest reports to the BfArM have successfully had their products listed as DiGA. Please note that we currently do not offer full testing according to TR-03161.
We assume that in the long run only penetration tests according to TR-03161 will be accepted.
Until then, we already offer valuable insights that will lead you in the right direction: Request a quote