A secure, data sovereign and interoperable standard built on Matrix
TI-Messenger (TI-M) is the world’s most advanced healthcare communication initiative. It is led by Gematik, Germany’s National Agency for Digital Medicine. The organization is responsible for developing and implementing the telematics infrastructure within Germany’s healthcare sector.
TI-Messenger is a real-time communications standard, specified by Gematik. The standard is built on the decentralized Matrix open standard, and adds secure authentication mechanisms that integrate with electronic health professional cards (eHBAs), electronic institution cards (SMC-B) and a central FHIR directory.
Gematik, majority-owned by Germany’s Federal Ministry of Health, has mandated TI-Messenger as the only real time communications platform within Germany’s healthcare industry. It will be used by more than 150,000 healthcare organizations, communicating across a private Matrix-based federated network. Almost all German citizens will also use Matrix-based communication when interacting with their health insurance company.
Gematik underlines the need for TI-Messenger solutions to be usable and secure.
Supporting more than 150,000 healthcare organizations, and millions of citizens, TI-Messenger compliant solutions need to be universally accessible, always available and high performance.
They also have to be interoperable to ensure information can flow quickly and securely between organizations.
TI-Messenger vendors - especially those creating frontend clients - need to focus on user experience.
Gematik has leveraged Matrix end-to-end encryption capabilities to design TI-Messenger to be a zero trust network, protecting conversations and sensitive medical data.
TI-Messenger also uses the decentralized Matrix standard to ensure digital sovereignty and interoperability.
TI-Messenger vendors need to ensure that they regularly maintain their Matrix-based systems and keep them continuously in line with the latest security updates.
Decentralized and end-to-end encrypted, Matrix is the zero trust network that powers TI-Messenger. With health insurance firms mandated to use TI-Messenger, TI-Messenger-compliant backends must be maintained in accordance with the latest best practices and security updates from Matrix.
The Element Server Suite for TI-Messenger includes Long Term Support (LTS) to ease maintenance and includes regular security updates.
To ensure a solution operates as required, hosters and vendors need Gematik to certify an entire solution as TI-Messenger compliant.
Common Matrix implementations, such as Synapse, are not inherently TI-Messenger compliant as they don’t include the additional systems that are a part of Gematik’s telematics infrastructure.
A competitive ecosystem is emerging that sees vendors focusing on their point of differentiation, while using trusted building blocks to get best-in-class components and speed time-to-market.
Hosters will compete based on how well they can serve different types of healthcare organizations, insurers will focus on price and service, developers will vie over the usability and features of their frontends.
Others, such as Element, play a more neutral role. It supports a range of hosting companies by offering a powerful server-side solution to host and manage a TI-Messenger compliant backend. It also supports solution providers in designing TI-Messenger applications for the healthcare industry, ranging from insurers to care providers including doctors, hospitals and pharmacies.
The challenge for vendors and hosters is to create their differentiator, while using as many trusted components as possible; similar to PC manufacturing or the car industry.
Mandating that the entire German healthcare industry adopts a new real time communication standard has ignited an entire ecosystem.
German hosting companies, such as Deutsche Telekom and STACKIT, and systems integrators like Adesso and Arvato, are partnering with innovative Matrix-based firms like Element (for backends) and Famedly (for frontends).
Matrix is an open source protocol.
Organizations using TI-Messenger should ensure that their TI-Messenger partner is contributing to Matrix. There are a number of ways commercial firms can contribute to Matrix: by making their own code available as open source and contributing upstream to the project, by contracting partners that contribute to Matrix development, or by joining The Matrix.org Foundation.
There are many TI-Messenger compliant frontends in development, serving different parts of the healthcare market. Famedly has led most of the TI-Messenger frontend configuration, having been running Matrix-based messaging for small pharmacies for more than three years, and also serving some of Germany’s largest University Hospitals. Connect2x has developed a powerful frontend SDK that enables market participants to build their own customized TI-Messenger frontend. Nordeck, a German Matrix specialist, is developing web-based TI-Messenger clients that can be integrated into other solutions.
Because all of these frontends are based on the TI-Messenger standard, organizations will be able to swap frontends, or perhaps even offer their employees a choice between, say, Famedly or Connect2x, depending on business needs.
TI-Messenger frontends can be served by any TI-Messenger compliant backend. That means every organization within the German healthcare system can not just host its own data, but also select its own backend.
For organizations that want a compliant and easy-to-manage enterprise platform, as an end-user organization or hoster, Element Server Suite (ESS) offers an advanced platform that is continually kept up to date through Long Term Support (LTS) and security patches. LTS keeps the backend stable, avoids time-consuming and costly re-certifications, and ensures the integrity of the backend according to the Gematik specifications mandating Matrix 1.3, which deviates from the current open source version of the popular Matrix servers.
ESS also includes configurable components such as a Secure Border Gateway (aka TI-Messenger Proxy) to control message flow, and an advanced Admin Console to ease day-to-day admin. ESS also has a range of enterprise-grade functions around auditing and data retention.
Gematik’s TI-Messenger initiative will be supported by a huge private federation, based on Matrix. Only Gematik approved organizations will be allowed to join the federation.
Every participating organization will have ownership and control of its data, as they can host their own backend (or use one hosted by a service provider, such as STACKIT).
Where required, connections between organizations will be controlled by a secure border gateway, called a TI-Messenger Proxy. It enforces the necessary communication rules and ensures compliance by implementing the Gematik specification.
Element’s Secure Border Gateway is the underlying building block for the TI-Messenger Proxy and a tightly integrated part of the Element Server Suite.