Press release
Digital health applications (DiGA) process highly sensitive data and intervene directly in care processes. TÜV Informationstechnik (TÜVIT) has established itself as the leading testing center for security testing according to BSI TR-03161.
Health affects everyone. However, with digitalisation, the requirements for data protection, IT security and regulatory conformity are also growing. TÜV Informationstechnik (TÜVIT) is one of the leading testing centres in Germany, with the highest number of successfully tested digital health applications in accordance with Technical Guideline 03161 - the basis for subsequent certification by the German Federal Office for Information Security (BSI).
Relevant security framework for DiGA
Apps on prescription, telemedical care or AI-supported diagnostics: digital solutions are an integral part of modern healthcare. At the same time, sensitivity towards the processing of personal health data is increasing.
Trust is not created through innovation alone, but through verifiable security. BSI TR-03161 forms the authoritative technical security framework for digital health applications. It defines binding requirements for data protection, IT security, architecture and processes.
As a test centre recognised by the Federal Office for Information Security, TÜV Informationstechnik GmbH carries out security tests in a structured, comprehensible and independent manner
AI-based medical devices: Innovation needs independent control
In addition to traditional diagnostic medical devices, AI-based applications are becoming increasingly important, for example when analysing medical image data, making risk predictions or supporting diagnostic decisions.
However, the use of artificial intelligence increases the requirements for robustness, transparency and protection against manipulation. TÜVIT tests AI-based systems in the context of existing regulatory requirements, evaluates their security architecture and analyses potential vulnerabilities in data processing and model implementation.
Continuous audits and independent technical tests ensure that innovation potential is utilised responsibly - without compromising on security and reliability.
TÜVIT at the DMEA 2026
At DMEA 2026, TÜVIT will be demonstrating how safe digitalisation can be implemented in practice in the healthcare sector. Trade visitors will gain insights into current testing procedures, regulatory developments and requirements for DiGA and AI-based medical devices.
Digital innovation in healthcare needs verifiable security - TÜVIT provides reliable proof.
Find out more about our services relating to BSI TR-03161.
TÜV Informationstechnik GmbH (headquartered in Essen, Germany) is a renowned IT security service provider and an independent testing institute and laboratory for IT security and cyber security in digitalisation. TÜVIT has been accredited worldwide since 1995 and creates trust in security measures at the level of business processes, data, applications and technologies through vulnerability analyses, audits and evaluations. TÜVIT is a powerful partner in detecting and responding to cyber attacks and ensures rapid restoration of business capability. In this way, businesses, public authorities and operators of critical infrastructures strengthen their regulatory compliance in the areas of confidentiality, integrity and availability as well as their holistic cyber resilience and IT security in the supply chain.
Together with ALTER TECHNOLOGY, TÜVIT forms the Digital & Semiconductor business unit. The business unit is a key pillar of the TÜV NORD GROUP, a knowledge company that has stood for security and trust worldwide for over 150 years. Engineers and IT security experts in more than 100 countries ensure that companies become even more successful in the networked world.
