Karlsruhe, March 15, 2023 – medavis, leading provider of IT solutions for radiology, has had pentests conducted on its web applications – Referrer Portal, Patient Portal and Teleradiology. No security-relevant vulnerabilities were identified, as confirmed by the certificates obtained.
The penetration tests (pentests) were carried out by usd AG in accordance with the recommendations and guidelines of the German Federal Office for Information Security, the Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP) and the requirements of the Payment Card Industry Data Security Standard (PCI DSS).
Not only the medavis applications were the subject of testing, but all components necessary for the portals. For the purpose of assessing and reinforcing the security of the applications as such, no further defence mechanisms such as web application firewalls were used in the test environment.
Improved Security Through Recurring Tests
“Patient data security is of the highest priority at medavis. That is why we regularly subject our solutions to thorough tests,” Ehsan Esmaili, Product Manager at medavis GmbH, states. “By doing so, we can ensure that threats are detected, and effective defensive measures can be taken.”