IT Security Policy, Section 390 of SGB V: What Medical Practices Need to Know Now


This text was generated using artificial intelligence (AI).On July 14, 2026, the Federal Office for Information Security (BSI) announced the implementation of the new IT security directive pursuant to Section 390 of SGB V. This directive establishes mandatory security standards for the protection of sensitive patient data and affects approximately 99,000 medical and psychotherapy practices as well as nearly 38,000 dental practices in Germany. The goal is to strengthen information security in private practice and increase resilience against cyberattacks.