Home   >   Services   >   Data Privacy & Compliance   >   DiGAV – our support services

DiGAV – our support services

With the entry into force of the Digital Health Care Act (DVG) in December 2019, the basis for the entitlement of statutorily insured persons to the provision of digital health applications was created.

Digital health applications (DiGA) must successfully pass a testing procedure at the Federal Institute for Drugs and Medical Devices (BfArM) before use and be listed in the directory of reimbursable digital health applications (DiGA directory). In order to be listed in the DiGA directory, a DiGA must first meet the requirements defined in §§ 3 to 6 DiGAV:

  • security and functional capability
  • Data protection and information security
  • Quality, especially interoperability

We are your ideal partner for any requirements in the area of data protection and information security.


We support you in the context of the DiGAV with the following services:

  • Data protection advice
  • Provision of an external data protection officer
  • Establishment of an ISMS
  • Provision of an external CISO
  • Protection needs analyses
  • Implementation of penetration tests and technical security analyses
  • Assessment and development of architectures
  • Consulting during development, e.g. threat modelling
  • …and much more

Your benefits

Fulfilment of the requirements “data protection and information security” from §§ 3 to 6 DiGAV

  • Advice on data protection and information security “from a single source
  • Expertise of our experienced consultants and auditors
  • TÜV TRUST IT’s expertise has been confirmed by the Federal Office for Information Security (BSI) with certification as an IT security service provider for the areas of IS auditing, IS consulting and the performance of penetration tests.