CeGaT prioritises maximum compliance in digital healthcare

The Challenge

Sensitive health data, high regulation, and growing dispatch volumes

CeGaT dispatches a five-figure number of genetic reports annually to doctors and other authorised recipients. Prior to 2017, various dispatch methods were used, including post, fax, and encrypted emails. These heterogeneous channels made the uniform implementation of compliance requirements difficult, as traceability, access protection, and documentation varied depending on the dispatch method. Additionally, certain methods were time-consuming and offered limited transparency regarding when and by whom a report was actually delivered or accessed.

With the introduction of FTAPI SecuMails, digital report dispatch was placed on a secure, traceable, and consistently encrypted foundation. From the outset, the platform met the high requirements for data protection and compliance.

However, for a long time, mailings were created manually. PDF documents and recipient information had to be extracted from third-party systems and manually transferred to FTAPI. While this process was secure, it was laborious and involved potential sources of error – such as when transferring email addresses or assigning documents.

As growth increased, it became clear that the manual intermediate steps, rather than the platform's security, represented the actual scaling risk. The goal was therefore to consistently reduce these potential sources of error and fully automate the dispatch process.

End-to-end encryption without compromise

CeGaT opted for FTAPI early on, establishing a secure, traceable report dispatch system. The decisive factor was the ability to implement true end-to-end encryption. This is particularly central in an environment where recipients change frequently.

"Secure, consistently encrypted communication for any communication partner – that is the decisive added value for us," describes Tim Scheurenbrand, Director of IT at CeGaT.

A purely email-based solution was out of the question, as encrypted attachments often require additional steps for recipients, such as opening separate files or entering passwords. At the same time, CeGaT sends reports to a large number of changing communication partners. Accordingly, a solution was required that enables secure transmission even without fixed user structures and can be flexibly integrated into existing processes.

In combination with FTAPI SecuFlows Advanced, CeGaT was able to establish automated, encrypted dispatch directly linked to the upstream systems. The application replaces several manual work steps that previously had to be performed in different systems: employees used to merge report PDFs and recipient information from third-party systems and initiate dispatch manually. Furthermore, errors resulted in additional manual rework.

The Solution

Automated report dispatch with full traceability

After a report is released in the laboratory information system, the corresponding PDF is automatically sent via the FTAPI instance as an email to the defined recipient.

The process client, which technically controls the automated dispatch, handles the technical creation of the SecuMail via an authenticated connection to the FTAPI server and stores a unique dispatch ID. This allows the dispatch status to be tracked by the system and displayed to the responsible staff, including information on whether and when a report was retrieved by the recipient.

For CeGaT, this transparency is business-critical. A successfully dispatched and retrieved report marks the completion of an order and is therefore billable. At the same time, clear documentation creates a reliable basis for enquiries from doctors or senders.

Throughout the project, the close cooperation with the responsible contacts at FTAPI was also an important factor. "The contacts at FTAPI are incredibly committed and collaborative. Particularly with special requirements, we noticed that we weren't just writing a ticket, but looking for a solution together," says Scheurenbrand.

Compliance capability as a strategic asset

Through automation and system integration, data breaches – such as entering incorrect email addresses – are virtually eliminated. At the same time, the manual reconciliation effort in report dispatch has decreased.

Significant efficiency gains are already evident during the ongoing rollout. Currently, around 30 per cent of reports are sent via the new system, as the full expansion is linked to upstream process steps. In the sub-area already converted, the teams consistently report very high time savings. Several minutes of manual work are saved per report, which were previously necessary for compiling, transferring, and checking dispatch information. With a five-figure number of reports per year and currently around 30 per cent automated dispatch, this already results in time savings in the order of several hundred working hours.

Fewer manual interventions simultaneously mean fewer potential sources of error. As a result, additional monitoring effort, such as a four-eye principle in the dispatch process, has become largely redundant. "Fewer errors mean fewer data breaches. And in our sensitive environment, this directly protects our reputation as a trustworthy provider," says Scheurenbrand.

End-to-end encryption is a clear advantage, especially in audits. During review and audit processes, CeGaT can transparently demonstrate that reports are transmitted with consistent encryption. Thus, FTAPI is not just a technical tool, but an integral part of the company's compliance strategy.

The Result

Secure scaling in a regulated environment

With FTAPI, CeGaT has implemented a solution that reconciles growth with regulatory requirements. Despite increasing report numbers, transmission remains secure, traceable, and documented in an audit-proof manner.

"Without FTAPI, we would have had a scaling problem or would have had to compromise on compliance. They have increased our compliance capability," says Scheurenbrand.

The combination of true end-to-end encryption, automated process integration, and system-supported traceability makes FTAPI a central component of digital report dispatch for CeGaT.