The Johanniter Competence Center GmbH (JCC), as a full-service provider for the Johanniter’s inpatient facilities, meets high security requirements for data center operations and received the “Trusted Data Center” Tier III quality seal for supply security and property protection from TÜV TRUST IT in December 2015. In a re-certification in December 2018, the high level of security was confirmed once again, and valuable cost-saving potentials were identified.
Initial Situation
Under the management of Johanniter GmbH, the work of the Johanniter’s inpatient facilities in Germany is consolidated. These include hospitals, specialist and rehabilitation clinics, medical care centers, and elderly care facilities. The central IT service provider for the facilities of Johanniter GmbH is the Johanniter Competence Center GmbH (JCC), based in Berlin. In addition to operating and supporting IT systems – down to the process level – as a full-service provider, it also handles strategic procurement for the Johanniter network. Operating a service data center is also one of JCC’s core tasks. In total, JCC supports over 130 inpatient facilities, some of which are outside the Johanniter network. To transparently demonstrate its high security standards in data center operations through a quality seal, JCC commissioned TÜV TRUST IT to certify its data center according to “Trusted Data Center” Tier III for supply security and property protection.
Approach
As part of the re-certification audit, the three protection goals – availability, confidentiality, and integrity – as well as requirements for business continuity and energy efficiency were reviewed to determine whether they still meet the defined criteria of the “Trusted Data Center” Tier III audit catalog for supply security and property protection. This catalog was developed by TÜV TRUST IT based on national and international standards and best practices. It allows data centers to be evaluated in terms of their tolerance to technical disruptions and their ability to maintain processes necessary for operational security.
During the re-certification, existing documentation was first checked for plausibility and compliance with the audit catalog. This was followed by an analysis of technical and procedural conditions. In the third step, a site inspection was conducted to compare the structural and technical aspects with the previously obtained results. The positive audit results led to the successful completion of the certification according to “Trusted Data Center” Tier III for supply security and property protection.
“The Johanniter Competence Center GmbH is a good example of how a data center can be operated reliably and securely. During the re-certification audit, it was demonstrated that the infrastructure continues to be regularly maintained and serviced,” explains Markus Weyland, auditor at TÜV TRUST IT. “The common requirements for a future-oriented data center operation were met. Particularly noteworthy is the comprehensive protection for the qualified services provided. The fundamental protection goals of availability, confidentiality, and integrity can be considered ensured.”
Benefits
With the “Trusted Data Center” re-certification, JCC ensures that its data center continues to meet high security standards. For Ralf Hörstgen, Managing Director of JCC, the renewed certification reflects the Johanniter inpatient network’s commitment to quality. “We have a responsibility to support our facilities with IT at a very high security level. The re-certification is an objective confirmation of our commitment to competence and security.”
But that’s not all: during the re-certification process, TÜV TRUST IT experts also identified that a more energy-efficient operation of the climate control systems in the data center could potentially yield annual savings in the five-digit euro range.