Please enable Javascript!

17. February 2011, Koblenz

Data Protection: Already Meeting Future Legal Compliance Requirements

CompuGroup Medical develops security technology with more than 14 patents

Koblenz, February 17, 2011: Data protection is becoming increasingly more significant, even for physicians, who belong to a special occupational category, the so- called “bearers of confidential information”. In order to warrant the security of sensitive personal data, the legislators have charged them with special duties: if physicians reveal patient-specific data to unauthorized third parties, they violate current data protection regulations and as a rule are even liable to prosecution. For that reason, CompuGroup Medical developed security technology that protects physicians from any legal conflicts, without being confined to the role of a mere spectator in the linked world of the future.

The healthcare system is undergoing a sea change: in order to take advantage of the opportunities to improve and increase quality and efficiency, healthcare systems are successively being overhauled, e.g. through the implementation of electronic health records or through the increased outsourcing of administrative tasks in the medical office and the hospital. However, that also increases the risk of personal culpability for physicians, due to a breach of his duty of care regarding data protection.

When health records leave a medical office or hospital, for example because they are being forwarded to an external service provider, the physician is personally liable for the protection of this data. He either has to obtain the patient’s express consent for data forwarding to third parties in advance, or he has to ensure that the data cannot be viewed by a third party.

Since obtaining such concrete and express declarations of consent is difficult and sometimes even impossible, third parties, such as the operator of a computer center, warrant “data protection through armored doors and confidentiality agreements”. However, armored doors can be unlocked and employees can undoubtedly be unreliable. In theory, given this scenario, it is always possible for third parties to view personal data.

This is where the physician can collide with the law, particularly with section 203 of the Penal Code because this “data protection”, warranted by third parties, is highly suspect. However, up to now there was no solution anywhere that could remedy the described deficiencies. There was no security technology that could prevent the misuse of data from the outset: the technical data protection.

This is precisely where CompuGroup Medical enters the picture: in order to protect the patient, and thereby the physician, from a technical aspect and to decrease administrative expenditures at the same time, the company has developed a number of innovative processes that have been awarded 14 international patents so far. The utilized technical building blocks meet and far exceed the legal stipulations for data protection, thereby warranting the protection of healthcare data at all times.

The implemented security measures already encrypt sensitive information in the medical office or the hospital prior to transferring it to an external network. The data is also encrypted or pseudonymised in such a way that it not only makes unauthorized access impossible, but it is also no longer necessary. This process was developed for the increasingly popular cloud systems, but can meanwhile also be utilized in regular computer centers that process data content, providing complete protection.

As soon as personal data leaves a medical office or a hospital, it can no longer be used by non-authorized parties. Only the physician or patient can review the medical data, unauthorized third parties are unable to do so for technical reasons. The physician is therefore always in compliance with the law; using the CompuGroup Medical security procedures, he can send or outsource sensitive data to third parties in a responsible manner.

About CompuGroup Medical AG
CompuGroup Medical is one of the leading e-health companies worldwide. Its software products, designed to support all medical and organizational activities in doctors’ offices and hospitals, its information services for all parties involved in the healthcare system and its web-based personal health records contribute towards safer and more efficient healthcare. The services of CompuGroup Medical are based on its unique customer base of around 370,000 doctors, dentists, hospitals and networks as well as other service providers.CompuGroup Medical is the e-health company with one of the biggest coverage among ehealth service providers worldwide. The company operates in 18 European countries as well as in Brazil, Chile, Malaysia, Morocco, Saudi Arabia, South Africa and in the USA and currently employs around 3,300 people.

Contact for media representatives:
CompuGroup Medical AG
Barbara Müller

Consultant Press & Media
P +49 (0) 261 8000-1293
F +49 (0) 261 8000-3284


Contact Press

Please contact us if you have any questions or concerns.