Home > Services > Data Privacy & Compliance > DiGAV – our support services

DiGAV – our support services

With the entry into force of the Digital Health Care Act (DVG) in December 2019, the basis for the entitlement of statutorily insured persons to the provision of digital health applications was created.

Digital health applications (DiGA) must successfully pass a testing procedure at the Federal Institute for Drugs and Medical Devices (BfArM) before use and be listed in the directory of reimbursable digital health applications (DiGA directory). In order to be listed in the DiGA directory, a DiGA must first meet the requirements defined in §§ 3 to 6 DiGAV:

security and functional capability
Data protection and information security
Quality, especially interoperability

We are your ideal partner for any requirements in the area of data protection and information security.

Approach

We support you in the context of the DiGAV with the following services:

Data protection advice
Provision of an external data protection officer
Establishment of an ISMS
Provision of an external CISO
Protection needs analyses
Implementation of penetration tests and technical security analyses
Assessment and development of architectures
Consulting during development, e.g. threat modelling
…and much more

Your benefits

Fulfilment of the requirements “data protection and information security” from §§ 3 to 6 DiGAV

Advice on data protection and information security “from a single source
Expertise of our experienced consultants and auditors
TÜV TRUST IT’s expertise has been confirmed by the Federal Office for Information Security (BSI) with certification as an IT security service provider for the areas of IS auditing, IS consulting and the performance of penetration tests.