The German government plans to invest approximately €2 billion in a national cybersecurity programme aimed at strengthening the resilience of the healthcare sector. The initiative, which runs until 2029, was announced by Tino Sorge, Parliamentary State Secretary at the Federal Ministry of Health, during the Digital Health Forum.
According to Sorge, the funding demonstrates that, despite economic pressures, targeted investments in critical infrastructure remain a priority. He called on healthcare organisations to actively apply for funding and participate in the programme. “If infrastructure is not resilient, if hospitals are attacked, data becomes unavailable and operating theatres shut down, this has direct consequences for patient care,” Sorge stated, underlining that digitalisation is no longer an abstract issue but a core component of healthcare delivery.
Digital transformation
Beyond cybersecurity, the German Ministry of Health is working on broader digital reforms, including the proposed Health Data and Innovation Act (GeDIG). The legislation aims to accelerate the adoption of digital health tools, including the telematics infrastructure and the electronic patient record.
Sorge emphasised that increasing public acceptance of digital healthcare will depend on delivering tangible benefits. Simple functionalities such as push notifications, appointment scheduling and reminders are expected to play a key role in improving user experience and engagement.
At the same time, the government plans to further develop the Health Research Data Centre (FDZ) at the Federal Institute for Drugs and Medical Devices to enhance the use of health data for research and innovation.
Data quality concerns
Despite these ambitions, experts warn that significant challenges remain. Sylvia Thun from the Berlin Institute of Health at Charité has raised concerns about the current state of the FDZ, arguing that complex processes make scientific research “almost impossible.”
She also criticised the quality of available data, describing it as insufficient for meaningful research. According to Thun, improving both accessibility and data quality will be essential if Germany is to unlock the full potential of health data. Further criticism has been directed at proposed digital assessment tools within the GeDIG framework. Thun argued that the planned procedures are overly complex and do not reflect real-world clinical practice.
She also questioned the decision to allow organisations such as the National Association of Statutory Health Insurance Physicians (KBV) and the National Association of Statutory Health Insurance Funds to define requirements for these tools.
More controversially, Thun warned against granting health insurers access to personal data through so-called “real-world laboratories.” She described this approach as “highly risky,” arguing that such data should remain under the control of healthcare providers.
Balancing innovation and trust
The debate highlights the delicate balance between advancing digital innovation and maintaining trust in healthcare systems. While the German government is pushing forward with significant investments in cybersecurity and data infrastructure, stakeholders stress the need for robust governance, transparency and clinical oversight.
Without the involvement of scientific organisations such as the Association of the Scientific Medical Societies (AWMF), Thun argues, the deployment of data-driven tools could pose risks rather than benefits.
For the ICT&health sector, Germany’s approach illustrates both the opportunities and the complexities of digital transformation in healthcare. Substantial funding and political commitment are in place, but the success of these initiatives will depend on addressing practical challenges around data quality, usability and trust.
