1. How did Climedo Health and SAS Institute become involved in the development and on what terms and conditions?
In the context of the Coronavirus pandemic, the need for digital support systems to monitor symptoms became clear to German health authorities. For this reason, the BMG conducted a market analysis, which ultimately resulted in the symptom diary that is now being pursued. Both companies are developing the project as equal partners.
2. Which tasks will each of the two companies take on in the development?
The digital symptom diary is intended to relieve both the health authorities and citizens in quarantine. It is an internet platform. The diary can be easily accessed as an online questionnaire by affected persons from any internet-capable end device. For the work of health authorities, for example, it is important to know how many people are in quarantine. Thanks to the cooperation between Climedo Health GmbH and SAS Institute GmbH, both the functionalities of symptom reporting (Climedo Health GmbH) and anonymised data analysis and reporting (SAS Institute GmbH) can be integrated into the solution.
3. What security standards are there for the transmission and storage of data?
In principle, the data is secured and encrypted with state-of-the-art technology both in transmission and storage. In addition, the BSI has already carried out a more in-depth technical examination of data security in order to ensure compliance with these highest security standards. Furthermore, no data is used in analytical data processing or analyses are carried out that would allow conclusions to be drawn about the identity of individual citizens.
4. Where are sensitive health data stored?
The platform itself is subject to the highest standards of data protection and information security. For this reason, data storage in a secure server environment of the “Informationstechnikzentrum Bund” (ITZBund) is implemented in live operation.
5. When and how is coordination with the data protection authorities carried out?
The Federal Commissioner for Data Protection and Freedom of Information is already involved. In addition, the respective data protection officers are involved at the level of each participating health authority.
6. Are there plans to test the platform in a pilot project before the launch? Details?
In order to determine the final, functional and non-functional requirements for the platform, individual health authorities are already involved in the development in a pilot phase. Other public health authorities are welcome to participate.
7. When will the platform be ready?
A first, final release of the solution is currently being developed. Broader availability is planned upon completion of the data protection law tests and the existence of a final penetration test of the Federal Office for Information Security and is to take place in the next few weeks.