§203 StGB · GDPR Art. 9

AI for Medical Practices - patient data stays in the practice

Health data is specially protected under GDPR Art. 9 and subject to §203 StGB. Cloud AI is structurally incompatible with this - local AI is not.

  • No data outflow (Art. 9)
  • Integration into PMS (e.g. CGM, medatixx)
  • Quiet operation in the practice network instead of a server room

Leading companies worldwide trust WZ-IT

  • Rekorder
  • Keymate
  • Führerscheinmacher
  • SolidProof
  • ARGE
  • Boese VA
  • NextGym
  • Maho Management
  • Golem.de
  • Millenium
  • Paritel
  • Yonju
  • EVADXB
  • Mr. Clipart
  • Aphy
  • Negosh
  • ABCO Water
The situation

Why cloud AI becomes a risk here

Doctor's letters, findings and histories cost time - but every cloud input with patient data is a potential §203 breach.

GDPR Art. 9 demands a particularly strict standard for health data; consent for cloud AI can hardly be obtained with legal certainty in daily practice.

A DPA with the provider does not replace medical confidentiality.

Legal framework

§203 StGB & AI: the full mechanics

Most providers only say "§203 = no cloud". What matters is the mechanics behind it - and how to satisfy them cleanly, both by contract and technically.

What §203 StGB prohibits

§203 StGB criminalises the unauthorised disclosure of others' secrets by professionals bound to secrecy - client, patient and party data, trade secrets. "Unauthorised" means: without consent of the secret-holder and without legal authority. Penalty: up to one year imprisonment or a fine (subs. 1), up to two years for acting for payment (subs. 5). The offence is prosecuted on application (§205 StGB), plus professional-law consequences up to withdrawal of the licence.

Why cloud AI is the problem

Inputs to ChatGPT, Copilot & co. are processed on third-party servers (often in the US). This transmission can already be a disclosure within the meaning of §203 StGB - regardless of whether the provider actively uses the data. A DPA under Art. 28 GDPR changes nothing: §203 goes beyond data-protection law and prohibits disclosure to third parties additionally and independently. A DPA is not §203 - both are required.

What the 2017 reform allows

Since the reform an IT service provider, as a "contributing person" (§203 (3) s. 2 StGB), may receive access to protected information WITHOUT this being a punishable disclosure - if three conditions are met: (1) necessity for the service, (2) obligation in text form with instruction on the criminal consequences (§126b BGB), (3) careful selection, supervision and immediate termination on breach.

The flip side - your risk

Whoever does NOT oblige the contributing person becomes liable themselves under §203 (4) no. 1 StGB. Responsibility lies not with the employee who enters data into a tool, but with the professional (firm or practice owner). What is punishable is not the input into a secured system, but the missing contractual safeguard.

Skin in the game

With the reform, the contributing person is itself included in liability under §203 (4) s. 2 StGB. As your obliged service provider we are jointly liable - that is not a risk for you, but your safeguard.

The subcontractor chain

If a provider brings in subcontractors (Azure, AWS, Vercel), THESE must also be obliged in text form. With US hyperscalers this is practically not feasible - and the US CLOUD Act applies, enabling access by US authorities; EU residency does not protect against that. On-premise on your hardware has no such chain: the data does not leave your building. Our remote-maintenance access still makes us a contributing person - which is why we commit contractually, for the build and maintenance phase.

Your professional-law layer

  • Base norm: medical confidentiality - §203 StGB + professional code (§9 MBO-Ä)
  • Provider norm: §203 (3) s. 2 StGB
  • Particularity: GDPR Art. 9 - health data, strictest standard; no §43e equivalent, §203 applies directly.

Our §203 compliance package

Standard part of every build / AI Cube contract - for build and maintenance phase:

  • DPA (Art. 28 GDPR): data-protection layer
  • Secrecy obligation: text form + criminal instruction (§203/§126b)
  • Subcontractor proof: short chain / on-prem

This content is general information and not legal or tax advice. The specific obligation of contributing persons under §203 StGB and the respective professional-law requirements must be reviewed by a lawyer/tax advisor on a case-by-case basis.

Use cases

What the local AI handles for you

All local on your hardware - no data outflow.

  • Doctor's-letter and findings-report generation from structured inputs
  • History structuring and findings/lab-value summarisation
  • Coding support (ICD/EBM)
  • Templates for patient communication
  • RAG research in guidelines and medical literature

Our approach

Advise. Build. Operate. From one team.

Sovereign AI is a lifecycle, not a device purchase - and everything stays on your infrastructure.

01

Advise & design

Workshop, sizing, data classification and §203 contract framework. We understand your stack, professional software and compliance requirements before we recommend.

02

Build & integrate

On-premise build on your hardware, RAG on your documents with access control, integration into your professional software, secrecy obligation + DPA.

03

Operate & maintain (optional)

Updates, monitoring, model upgrades and RAG maintenance as a service contract - or you operate fully yourself. Handover and knowledge transfer included.

Let's Talk About Your Idea

Whether a specific IT challenge or just an idea - we look forward to the exchange. In a brief conversation, we'll evaluate together if and how your project fits with WZ-IT.

E-Mail
[email protected]


Timo Wevelsiep & Robin Zins

Managing Directors of WZ-IT
