Chaos Computer Club Dupes Healthcare System
Expensive new acquisitions are pending in German medical practices. Because they have to renew their hardware in order to be able to continue to access the “telematics” health data network. Cost point: 400 million euros. Waste of money according to the Chaos Computer Club.
Contents
Chaos Computer Club Dupes Healthcare System
German medical practices can access the “Telematik” health data network with a type of router from the Gematik company. These vice presidents offer the practices encrypted access to the “telematics infrastructure” (TI), which can be used, for example, to bill services or send e-prescriptions.
These inconspicuous, gray boxes have been in circulation since 2017. However, their expiry date is limited to five years. Because after this period, the certificates that the vice presidents need for encrypted data transmission expire.
The exchange described by the manufacturer as without alternative, it is according to the Chaos Computer Club But not: “The Chaos Computer Club (CCC) shows that the expensive hardware replacement is anything but necessary and is donating a solution to the problem free of charge.”
The business with the TI connector
Three certified manufacturers sell the TI connector. According to the CCC, these have “created an extremely lucrative cartel-like business model”. The devices have an “artificial expiry date” due to the expiration of the certificates.
In this way, the manufacturers could sell another 130,000 connectors after the past five years. However, this could be circumvented with a “simple software update”.
The CCC cites the National Association of Statutory Health Insurance Physicians, which alone estimates the TI connection costs for an average practice that are not reimbursed by health insurance at around 9,000 euros.
“Here, a cartel wants to make a fortune through strategic incompetence in the German healthcare system,” explains CCC spokesman Dirk Engling. “In doing so, immense costs for all insured persons, senseless effort for an exchange with all doctors and tons of electronic waste are accepted.”
Worse still, a repeat of the debacle in five years’ time is already being prepared.
Chaos Computer Club proposes update
However, according to the Chaos Computer Club, purchasing new connectors is unnecessary. Because a software update would be “possible with minimal effort”.
A CCC hacker was able to persuade the open source components of the connectors “with very little effort” to use not only the expiring, but also renewed certificates. However, Gematik would have to sign the new certificates in advance.
“If the contracted manufacturers of TI connectors are overwhelmed with such trivial tasks as renewing the certificates, the question arises as to whether gematik’s award criteria and contracts need to be tightened and more competent competitors found,” says Engling.
CCC wants to support practices
The CCC is now calling on the Federal Ministry of Health to “put an end to the bungling of tenders and contracts”. The Ministry of the Environment should also intervene to find a more sustainable solution instead of hardware destruction.
Finally, the CCC appeals to the manufacturers of the connectors to look for honest ways of earning a living.
The Chaos Computer Club wants to support German medical practices and clinics in importing the new software. For this, however, Gematik would have to provide the necessary signatures in advance.
Also interesting: