Product/Version

telemed.net

Product enabling secured direct communication between medical doctors

Version 2.11

View the telemed.net certificate

Cert. No.

DE-080008p

Validity

12/2009 until 31/12/2011
expired

Public Report

telemed.net public report [PDF]

Manufacturer/Provider

Image

Telemed Online Service für Heilberufe GmbH
Maria Trost 21
56070 Koblenz, Germany

BEST

The usage of the product telemed.net supports the principle of data minimisation and the usage of at least invasive technology with regard to direct communication between medical professionals in an effective way by encryption and secured data file transmission.

ATTENTION:

Users of the product (medical professionals) have to be aware that they are not allowed to process names of patients in relation to sensitive data in the sense of Art. 8 of Directive 95/46/EC. Medical doctors are only allowed to disclose patient data with the explicit consent of the patient to other medical professionals.

The product supports medical doctors by providing a pre-formulated  agreement for obtaining the explicit and written consent of the patient.

Summary

Telemed.net is a product for secured chat-communication between medical professionals and also provides a secured data file transmission between two medical professionals.

Details

  1. Secure Message-Handling

    Telemed.net offers a chat-function, which gives the medical doctors the possibility to directly communicate with other medical professionals of different fields by a so-called transport-encryption. The product is only offered to medical doctors and hospitals.

    Main use case is the implementation of telemed.net into other Medical Doctor Information Systems (MDIS) as a white label solution.

    All messages are automatically encrypted before the message is submitted. The public key is generated at the time of registration of a user and its public part is stored on a Server within the network. The private part of the key is stored on the system of the user.  Additionally the transport of the encrypted message is also encrypted via SSL. Messages are encrypted (ECC/AES) until decryption on the recipient's system. Messages are preserved until they are retrieved or until they are removed by deletion of the account.
  2. Exchange of files

    The second function of the product is the exchange of data in a file between users. The file-exchange modalities depend on the use of the MDIS which is not part of the target of evaluation. Instant Messages (IM) and documents are encrypted with the public key of the medical doctor receiving the file.

    Another possibility to exchange information is facilitated by the patient, as the receiving medical doctor might not be known at the time of sending the information. This transfer is conducted by forwarding of selected medical information of a patient (from his MDIS) to another (unknown) doctor via telemed.net. The patient receives a paper printed barcode for his chosen medical doctor who can scan the code and decrypt the stored data for the MDIS. In this case the patient has full access control.

    Technical Evaluator

    B3 Informationstechnologie
    Andreas Bethke
    Papenbergallee 34
    25548 Kellinghusen, Germany
    ab@datenschutzkontor.de

    Legal Evaluator

    Stephan Hansen-Oest
    Neustadt 56
    24939 Flensburg, Germany
    sh@datenschutzkontor.de

    Image

    European Privacy Seal for telemed.net 

    Image

    Disclaimer:

    This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk. For more information please go to EuroPriSe Terms & Conditions

    © 2008 - 2019 | EuroPriSe GmbH - European Privacy Seal | Handelsregister-Nr. (Commercial Register No.): Bonn HRB 20387

    No responsibility for the accuracy of the information. Contact | Privacy Notice | Imprint

    Product/Version

    REISSWOLF f.i.t.

    v1.5; service function as provided in 05/2018

    Qualification: IT product and IT-based service (processor service)

    View the REISSWOLF f.i.t. certificate

    Version of Certification Criteria

    11/2011

    Cert. No.

    EP-S-X5TSCN

    Validity

    24/05/2018 - 31/05/2020

    Monitoring

    01/2019

    09/2019

    Public Report

    f.i.t. Short Public Report Image Image 

    Manufacturer/Provider

    REISSWOLF Systems GmbH

    Im Heegen 13
    22113 Oststeinbek
    Germany

    BEST

    Access policies can be used to restrict system usage to specific times of the day and/or IP addresses to reduce the attack vector for third-party access. A user session is controlled by means of a cross-tab synchronised session countdown.

    ATTENTION

    Regarding the processing of personal data on third persons by means of f.i.t., it must be highlighted that the (usually) corporate users of the service qualify as controllers whereas REISSWOLF Systems GmbH acts as a processor on behalf of the users. Customers are advised that the legitimate use of the service may require the collection of the data subject's consent and/or declaration of release from confidentiality.

    SUMMARY

    REISSWOLF f. i. t. is a web-based archiving system for data storage and access. It serves the purpose of uploading, storing, managing and exchanging data in the sense of a document management system. f.i.t. is a web application that can be used with common internet browsers. 

    DETAILS

    REISSWOLF f. i. t. is primarily designed for commercial use. It is distributed by REISSWOLF Systems GmbH and operated as Software as a Service (SaaS) in a data center in Germany.

    The ToE includes

    • The web-based service REISSWOLF f.i.t. (for details, please cf. the short public report)

    It does not include

    • REISSWOLF f.i.t. mobile app
    • REISSWOLF f.i.t. hotfolder
    • Office module
    • Teamviewer
    • Other alternative interfaces to clients

    Technical + Legal Evaluator

    Ann-Karina Wrede
    Innungsstraße 7
    21244 Buchholz
    Germany

    Initial Certification: 05/2018

    REISSWOLF f.i.t. provides a web-based service that enables companies to upload, store, manage and exchange data in the sense of a document management system. Users of the service are controllers in respect of personal data on third persons that is processed by means of f.i.t.. The service is designed in a way that facilitates the users' compliance with EU data protection law.

    Image

    Disclaimer:

    This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk.

    Image

    European Privacy Seal for REISSWOLF f.i.t.