/ Services · Telematics Infrastructure & Security
Telematics infrastructure and security
The telematics infrastructure (TI) is the backbone of digital healthcare in Germany — and one of the most heavily regulated IT environments anywhere. I support providers from TI connectivity through gematik approval to PKI and signature processes that actually work in daily practice.
What this is about
Anyone who wants to offer services to physicians, pharmacies or hospitals cannot get around the TI: connectivity, card identities, approval procedures, security assessments. The gematik specifications are extensive and change constantly — and the transition to TI 2.0 is currently shifting the very foundations many products are built on.
I know this environment from the inside: as CTO of Deutsches Gesundheitsnetz, a TI provider with its own trust centre, and before that as CIO of Netzgesellschaft Deutscher Apotheker, which is responsible for the card identities of Germany's pharmacies. I have been through approval procedures, built the requirements management for them, and know where the effort really arises — and where you can save it.
Focus areas
TI and TI 2.0 connectivity
Whether connector, TI gateway or the coming TI 2.0 services: I advise on the selection and architecture of the connection, on integrating specialist services such as the ePA electronic patient record, the e-prescription or KIM into your products, and on planning the migration from today's TI to the target architecture — before transition deadlines become a project risk.
gematik approval and requirements management
An approval rarely fails on the technology; it fails on the evidence: capturing, assessing, implementing and documenting requirements — across specification versions. I set up the requirements management for this, accompany security assessments and test procedures, and keep the process as lean as gematik allows.
PKI and trust-centre processes
Certificate lifecycles, card issuance, revocation processes: I advise on building and evaluating PKI structures in healthcare — from the SMC-B for the institution to the electronic health professional card (HBA) — and on how to design these processes to be secure and workable in everyday practice at the same time.
eIDAS-compliant signature processes
Wherever documents must be signed with legal effect, the path leads through eIDAS: qualified signatures, remote signing, seals. I help embed signature processes into care and administrative workflows so that they hold up legally and don't slow users down.
How I work
It usually starts with the question of which approvals and connections your project really needs — this is where the most expensive wrong decisions are made. Building on that, I clarify the path through specification and procedure with you and can, where wanted, also take on or accompany the technical implementation. Technically I work with modern Java and Jakarta EE (Quarkus, Vaadin) and use AI-assisted development — without giving up technical control.
Does this fit your project?
A short message is enough — I'll get back to you promptly.
Discuss a project All services