Certification

Intelligent information management.

Certification

Intelligent information management.

Our team of experts works meticulously

An information security management system (ISMS) includes regular checks of the most important suppliers. We carry out a supplier audit on your behalf and prepare a detailed audit report, which can also serve as proof, for example, in the context of order processing (in accordance with the EU GDPR or BDSG). Before starting an ISMS implementation project, it should first be investigated whether and to what extent processes and associated measures have already been established and what their status is. Gaps (so-called GAPs) are identified so that we can provide specific recommendations for action for the direct path to successful certification.

Operators of critical infrastructures are legally obliged to take appropriate organizational and technical precautions to prevent disruptions to the availability, integrity, authenticity and confidentiality of their information technology systems, components or processes that are essential for the functionality of the critical infrastructures they operate. In addition, compliance with the requirements must be verified in a suitable manner at least every two years, as stipulated by the BSI Act §8a (3). The audit is intended to provide proof that IT security is state of the art. Proof can be provided through safety audits, inspections or certifications. Our lead auditors have industry-specific extensions and are approved or accredited for auditing critical infrastructures.

According to the IT Security Act, operators of critical infrastructure (KRITIS) must perform a KRITIS audit every two years. We are your competent partner for this.

GKV and KH testing association

Against the background of the GDPR and the BSIG, certain organizations are required to check the legal requirements with regard to implementation at their suppliers. The aim of the audit group is to jointly carry out data protection and information security audits of service providers and suppliers of statutory health insurance companies, clinics and hospitals in Germany.

The overlap between service providers and suppliers in the individual sectors is generally large. For this reason, the testing association bundles these audits in order to limit the workload for service providers and suppliers. In addition to conserving resources on the supplier side, this also saves the personnel resources required to carry out these data protection and information security audits on the part of the clinics and hospitals. The costs incurred are also distributed among the participating companies and organizations.

In addition, the testing community is intended to form a network for the exchange of experience between the individual companies and organizations. The testing group meets twice a year for this purpose.

Everything from a single source

Supplier audits/service provider audits

Inventories/ GAP analyses, internal audits, pre-audits

Test/verification procedure according to § 8a (3) BSIG

Formation of test groups

Your advantages at a glance

Auditors with many years of experience and industry expertise

Distribution of costs among the test participants

Conservation of resources on the part of the companies and organizations involved

Conservation of resources at service providers and suppliers

Strong network for exchanging experiences (free network meeting, twice a year)

Data protection and information security training at a preferential price

Knowing what matters

As lead auditors for an accredited certification body, we have a complete overview of the software solutions available for the tool-supported management of information security, risk management and data protection management and their application in practice. Our competent consultants have already proven in many completed projects that they can implement successful solutions for our customers with VERINICE and IRIS, for example. It goes without saying that we work independently of manufacturers and are happy to work with you to find the optimum solution.

What ourcustomers say.

"Landeskrankenhilfe (LKH) is a private health insurance company. As a mutual insurance association, LKH is not tied to a group and is independent of shareholders. HBSN has been supporting us from the very beginning in further digitizing LKH and making the specialist services of the telematics infrastructure (TI) available to our customers. We use its expertise in project management and consulting on the topics of telematics, information security, data protection and partner management. With the successful establishment of the health insurance number allocation process, we have reached a milestone and will continue to rely on the proven and valued consulting expertise of HBSN for the next steps."

Pavel Berkovitch

Member of the Management BoardLandeskrankenhilfe (LKH)

"With the professional consulting and implementation support provided by HBSN, we have created and achieved another important building block "the form center" for the expansion of our digital customer service area "My Healthcare World". We thus offer a valuable contribution to our customers in the context of digital service support and at the same time fulfill the legal obligation of the Online Access Act (OZG), which requires the provision of administrative services digitally via online access for citizens. We are delighted to have taken the next successful step in the digitalization of the healthcare sector."

Johannes Kelle

Consultant for strategic online marketingAOK Sachsen-Anhalt

"HBSN supported us actively and professionally in the "GESUNDESKONTO" project with the conception, development and project coordination. HBSN's agile approach enabled us to launch the application on time and within a very short development time. HBSN was an ideal partner for the extensive integration services into our existing system because it has the necessary experience and knowledge of the processes, the system and the operation of oscare®. That is why it is now also providing maintenance and support for the "GESUNDESKONTO". It is particularly helpful for us that we have access to everything from a single source, from consulting and design to software development, maintenance and support. The consultants impress with their structured and systematic approach, their expertise and their experience and prudence."

Wilfried Ziemer

Head of Product and BrandAOK Sachsen-Anhalt

"HBSN has been involved in the project right from the start and is supporting us professionally, innovatively and with a high level of software expertise to meet the very demanding professional and technical challenges that the connection to the TI entails. The focus here is on using the most secure and state-of-the-art technologies, especially with regard to the future expansions and innovations that will arise in the context of the digitalization of the healthcare system. In addition, HBSN's specialist knowledge of the structures and the necessary networking of the individual service providers in the healthcare sector and the technologies used is very comprehensive and knowledgeable, so that our processes are understood and optimally designed. We are delighted with the excellent cooperation."

Christian Hälker

Managing DirectorPKV-Verband

"HBSN supports us in the change, release and test management project. They accompany it from the very beginning, initially in the analysis phase, through the conception phase to implementation. The consultants impress with their specialist knowledge and methodological expertise and are the designers and drivers of change. It is also helpful that HBSN has extensive industry expertise and a broad network in the German healthcare sector. As one of the few consulting companies, HBSN also works for the important external parties involved in the change process (data center and inventory system supplier)."

Sascha Porbadnik

Head of IT Service & Business IntelligenceAOK Nordost

"HBSN provided us with expert and efficient support from the analysis to the realization of the projects for the development of BIG direkt gesund's IT strategy. All consultants have in-depth knowledge and an excellent overview of the market. It was precisely from this objective position that they also provided us with convincing support as a sparring partner for technical process optimization."

Peter Kaetsch

Management BoardBIG direkt gesund

"Thanks to the in-depth expertise of its consultants and its broad focus on the German healthcare market, HBSN is an important and very reliable partner for gkv informatik in the areas of project management, IT / data center consulting, IT security and networking."

Georg Büttner

Managing Director 2013-2020gkv informatik

"Together with HBSN, we have already successfully implemented several projects in the SHI sector. Their expertise and project experience were and are the basis for a successful collaboration and make HBSN a reliable partner at our side."

Andreas Stucke

Managing DirectorMobil ISC GmbH

"We look after more than 800,000 insured persons and repeatedly use HBSN's advice on IT strategy and project management. Together, we succeed in keeping our IT strategy flexible and adapting it to the needs of our more than 1,000 employees."

Stefan Brückner

Board Representative ITVIACTIV Krankenkasse

"Even those who are unaware of their security gaps are liable for the damage as a board member. Together with the specialists from HBSN, we have systematically searched for weaknesses in our IT system and will introduce a certified ISMS system (information security management system) in the future. Together with the HBSN, we are the first health insurance company to strive for the 'Data protection for health insurance companies' seal of approval. This puts us and our customers on the safe side."

Roland Wien

Former Management BoardVIACTIV Krankenkasse