Electronic health card: How the Sealed Cloud protects patient data. The electronic health card (eGK) is there - and immediately causes the hustle and bustle. Because patients are not entitled to proof of insurance in paper form, even if they want to.
This decision was made by the Federal Social Court at the end of January 2020. The plaintiffs had complained about the lack of data security in the digital insurance certificate. The court, however, found the electronic health card to be GDPR-compliant. According to the “risk-based approach”, the judges had decided that the risk of a data incident was subject to the practical benefits of the eHC.
Electronic health card: minimized residual risk
Risks are an inseparable part of life. You can let them discourage you, or you can work actively to reduce the likelihood of their occurrence. This is also the case with the electronic health card. Because even a document printed on paper does not guarantee complete data security. Instead, it is more characterized by poor functionality.
So instead of turning your back on progress, you should deal with the underlying technology in order to be able to pursue optimal security strategies. For example, the insured person can keep all cards with NFC chips in an RFID security sleeve to protect them against unauthorized access. The insurer, on the other hand, is advised to store its customers' data in secure cloud storage. The data should always be stored and transmitted in encrypted form in order to nip criminal activities and data leaks in the bud.
Confidential Computing = optimal protection
In addition, sensitive patient data should only be processed on sealed servers in order to protect them as best as possible at all times. But: in order to be able to feed data into processing, it must first be decrypted. This is a technical necessity that cannot be avoided, but can be safeguarded with special protective measures. Because in decrypted form, patient data can be manipulated and stolen in a vulnerable manner - and therefore particularly in need of protection.
Uniscons Sealed Cloud offers this special protection by transferring the data to sealed servers for processing. These servers are in physical cages and are almost completely isolated from the outside world for the entire duration of the data processing. There are no interfaces or physical access options. This confidential computing approach reliably prevents unauthorized access to the unencrypted data.
Health-related information is one of the most sensitive data of all. That is why they should experience the best possible - namely complete - data protection. Data protection as offered by the Sealed Cloud.
More on this at IDgard.de
About uniscon Uniscon GmbH is a member of the TÜV SÜD Group. As part of TÜV SÜD's digitization strategy, uniscon offers highly secure cloud applications and solutions for secure and legally compliant data traffic. TÜV SÜD is a leading global technical service company with over 150 years of industry-specific experience and today more than 24.000 employees at around 1000 locations in 54 countries. In this strong network, uniscon is able to reliably implement major international projects in the areas of IoT and Industry 4.0 with the Sealed Cloud and its products. Further information on the company and the solutions: www.uniscon.com