Walldorf, November 20, 2008 – After a comprehensive, multi-phased audit, TÜV Rheinland Secure IT GmbH confirms: With its large-scale suite of measures, eHealth specialist InterComponentWare ensures the protection of personal data when using the LifeSensor personal health record. The underlying processes fulfill the requirements of the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), respectively even exceed the already high standards prescribed by law.
The audit included multiple steps: Data protection-relevant processes and their documentation were analyzed and the quality of physical infrastructures such as access control and monitoring systems was checked. The IT security of the LifeSensor personal health record was additionally subjected to a special technical test: Qualified TÜV personnel attempted both automated and sophisticated manual attacks against the LifeSensor application and personal health record to rule out possible vulnerabilities. This elaborate process ensures the quality of the test results, since no automated test software is capable of realistically simulating the many possibilities of an experienced hacker. Marcus Braun, TÜV Rheinland Secure IT GmbH account manager said, "The LifeSensor personal health record completely satisfies all security-relevant requirements. The supplier, ICW, has established comprehensive, state of the art measures that assure the highest level of security for the application.
TÜV Rheinland Secure IT GmbH is a subsidiary of the TÜV Rheinland Group. It is a leading provider of analysis, optimization and certification in the area of information technology: www.tuv.com