medavis Web Applications Pass Pen Tests
Security of Patient Data
The penetration tests (pen tests) were carried out by usd AG in accordance with the recommendations and guidelines of the German Federal Office for Information Security, the Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP) and the requirements of the Payment Card Industry Data Security Standard (PCI DSS).
Not only the medavis applications were the subject of testing, but all components necessary for the portals. For the purpose of assessing and reinforcing the security of the applications as such, no further defence mechanisms such as web application firewalls were used in the test environment.
Improved Security Through Recurring Tests
“Patient data security is of the highest priority at medavis. That is why we regularly subject our solutions to thorough tests,” Ehsan Esmaili, Product Manager at medavis GmbH, states. “By doing so, we can ensure that threats are detected, and effective defensive measures can be taken.”