Consulting
Development of an individual, ideal data center concept - secure, efficient and economical
Analysis
An independent picture of the infrastructure as the basis for all decisions
Strategy
With the help of our strategy modules, we support you in aligning your IT and identify and evaluate the most important influencing factors - tailored to all current and future requirements
Project Development
We check the general conditions, keep an eye on norms and standards and develop a concept - including all necessary documents
Energy and Environmental Management
We uncover weak points and potentials in the area of energy consumption and demand, tap subsidies and accompany you through audits and certifications - all the way to the implementation of an energy management system
Documentation and Manuals
Analysis and documentation of the current and target state of your IT infrastructure in the area of documentation management, structures, procedures and processes to reduce corporate and liability risks for management and IT leadership
Certification Support
Whether it is an environmental quality mark, certification as a prerequisite for customer acquisition or a requirement from your insurer - we accompany you through the process right from the start
Engineering
We plan your data center completely from one source - independent of industry, infrastructure, location and new or model construction
Architecture
We plan sustainable architecture for your project
Technical building equipment (TGA)
The correct design and optimization of technical systems contributes to maximum energy efficiency with the professional planning of technical building equipment
Construction
We take care of the realization of data centers and the protection of your IT infrastructures, tailored to your individual needs
General contractor
You have the plan, we carry it out - right through to turnkey handover
General transferee
Everything from a single source - complete and reliable implementation of your project
Data Center Solutions
We offer you modern and sustainable implementation options - whether modular, plug-and-play or CO2-neutral
Data Center Components
We take care of every suitable component in your data center planning - environmentally, budget and resource friendly
We offer high security products for your IT infrastructure
Service
We take care of the maintenance, security and economic optimization of your IT infrastructures
Maintenance
Maintenance of existing and new equipment - reduction of possible malfunctions and failures, maintenance and checking of maintenance and service protocols, possible repair work
Preventive measures
We prevent possible weak points and uncover sources of error so that we can ensure the smooth operation of your data center
Controlling and Monitoring
Round-the-clock monitoring, 24-hour hotline exclusively for contract customers, and service level agreement (SLA)
Operating costs and energy optimization
We analyze your current situation and optimize the set screws of operating and energy costs to ensure the profitability and sustainability of your data center
Sustainable and secure data center solutions for the healthcare sector
Data centers and IT infrastructures are essential for the secure operation of clinics, hospitals and healthcare facilities. They ensure access to healthcare data and the availability of medical services. Strict standards such as the KRITIS Regulation, ISO/IEC 27001 and B3S Health regulate the security and operation of data centers, while DIN EN 50600 and TSI set standards for security and sustainability.
From 2025, the NIS2 directive will also regulate many safety-critical companies in the healthcare sector. The Data Center Group supports you in meeting these requirements and making your data center future-proof.

This European series of standards defines requirements for the availability, energy efficiency and physical security of data centers. It provides a holistic planning framework and supports sustainable, scalable and future-proof infrastructure concepts.
Operators of critical services – e.g. inpatient medical care, laboratory diagnostics, supply of medicines and medical products – must meet strict security requirements in accordance with the KRITIS Regulation. These regulations apply to all KRITIS-relevant facilities that play a critical role in healthcare provision.
The CER Directive (EU 2022/2557) introduced new requirements for the resilience of critical infrastructures. In Germany, this is being implemented via the KRITIS umbrella law, which may also affect data centers in the healthcare sector in the future. Operators must provide structured evidence of security measures – via a CER (Cybersecurity External Reporting) or an RCE (Regular Cybersecurity Evaluation). The audits are carried out by bodies recognized by the BSI. In addition, NIS2 regulates cybersecurity at the digital level.
From 2025, the NIS2 Directive will also oblige many non-KRITIS companies in the healthcare sector to implement strict security measures. These include pharmaceutical manufacturers, reference laboratories, R&D facilities and providers of healthcare and medical devices. Depending on the size of the company, they are considered “important” or “particularly important facilities” and must report incidents, manage risks and demonstrate technical and organizational protective measures.
The standard recognized by the German Federal Office for Information Security (BSI) defines security requirements for operators of critical infrastructures (KRITIS) in the healthcare sector.
The B3S standards apply to various areas of the healthcare sector:
- B3S Hospital: For healthcare in hospitals
- B3S Laboratory Diagnostics: For laboratory analytics and communication systems
- B3S Pharma: For the supply of medicines and blood/plasma
This internationally recognized standard forms the basis for a robust information security management system (ISMS) and protects health data from unauthorized access.
In addition to ISO/IEC 27001, this standard defines specific requirements for the healthcare sector in order to provide special protection for patient data and medical information. This standard is not mandatory in Germany but is a valuable addition for facilities with very high data protection requirements.
TSI certification assesses the physical security and availability of data centers based on DIN EN 50600 and offers a structured assessment in four protection classes.
The BSI's C5 catalog defines minimum security and compliance requirements for data centers that offer cloud services in the healthcare sector.
Funding programs such as the Hospital Future Fund (KHZF) have supported investments in IT security and data center infrastructure in the healthcare sector in the past. There will also be funding opportunities for digitalization and infrastructure projects in the future – we will be happy to advise you on current programs.
Data center IT and data security for the healthcare sector
We support you in identifying your requirements and implementing your individual data center solution.
Funding opportunities for IT security in the healthcare sector
Many measures to meet IT security standards such as ISO 27001, B3S Health or DIN EN 50600 are eligible for funding. Take the opportunity to make your IT infrastructure sustainable and secure with state funding.
Our experts will be happy to support you in
- Identification of suitable funding programs
- Advice on the implementation of eligible measures
- Preparation and submission of funding applications

Expertise in healthcare IT and security
Consulting expertise for BSI-KritisV and ITSiG
BSI Critical Infrastructure Ordinance (BSI-KritisV), IT Security Act (ITSiG)
Experience with projects in the healthcare sector
22 IT infrastructure projects in Germany within the last 18 months
DIN EN 50600 compliant
Certified planning and implementation according to the European data center standard

DC IT Safe: Our micro data center in cabinet format – ideal for clinics, laboratories or medical practices that require a compact, secure and energy-efficient IT solution.

DC IT Room: The server room solution with custom-made protection – for hospitals and medical facilities that value a fail-safe, standard-compliant IT infrastructure.

DC IT Container: Our modular container data center – mobile, robust and ready for immediate use, e.g. as a scalable IT expansion, interim solution or rental solution in the healthcare sector

With our planning tool for sustainable data centers, we develop the right solution together – individual, standard-compliant and future-proof.
ISO/IEC 27001 for information security, DIN EN 50600 for data centers and industry-specific standards such as B3S Health and the KRITIS Regulation are particularly relevant.
There are various government funding programs for digitalization and IT security in the healthcare sector. In addition, individual measures are also funded regardless of the sector, such as consulting on energy efficiency or the replacement of components (e.g. in cooling). Our experts will help you to identify suitable funding and will be happy to assist you with the application process.
Critical services include inpatient medical care, the supply of medicines and medical devices and laboratory diagnostics. Operators of these services must meet strict security requirements.
Whether your facility is KRITIS-relevant depends on threshold values. For example, hospitals must have more than 30,000 full inpatient cases per year to be classified as a critical infrastructure operator (KRITIS) according to the BSI Criticality Ordinance – provided they are not exclusively active in rehabilitation.
Our experts check your infrastructure against the BSI-KritisV and B3S Gesundheit and develop measures to ensure compliance with all requirements.
This standard provides comprehensive guidelines for the planning, construction and operation of data centers with a focus on availability, energy efficiency and physical security.
The NIS2 directive requires companies that provide critical services to have cyber security management, attack detection, crisis management and supply chain security. It extends the previous KRITIS requirements and requires smaller companies, such as pharmaceutical companies and reference laboratories, to take extensive security measures.
The B3S Hospital is an industry-specific security standard that defines the requirements for IT security in hospitals. It is valid until January 2025 and includes measures to ensure the availability, integrity and confidentiality of IT systems.
An information security management system (ISMS) protects sensitive healthcare data from unauthorized access and ensures compliance with data protection and security standards.
The CER/RCE Directive (EU 2022/2557) calls for greater resilience of critical infrastructures and requires operators to regularly evaluate cybersecurity measures and provide evidence of their physical security – via a CER (Cybersecurity External Reporting) or an RCE (Regular Cybersecurity Evaluation).
News, trends & industry events
Would you like to stay informed about legal changes, new developments, funding programs and relevant industry events? Subscribe to our newsletter and receive regular, detailed information straight to your inbox.
Our team of experts

Michael Wörster
Consultant Data Center Infrastructure
Team Lead


Request your personal consultation here
If you would like a free consultation, please feel free to contact us personally. Please use the contact form or simply give us a call. We look forward to hearing from you!