The ‘Prevention Guidelines’ (Leitfaden Prävention) issued by the German National Association of Statutory Health Insurance Funds (GKV-Spitzenverband) plays a key role in the constantly changing digital health space. It serves as an essential catalogue of guidelines that defines the standards and requirements for preventive measures in Germany.

Now more than ever, these guidelines offer clear guidance in a time when digital health solutions are taking on an ever-important role. They define what makes for a high-quality prevention service and how to implement them in practice. Knowing that, we can now turn our attention to the specific aspects of prevention apps.

What are prevention apps?

Prevention apps are digital tools that seek to increase user awareness for health and proactively prevent diseases. They are defined as ‘digital prevention and health promotion services’ in Section 7 of the Prevention Guidelines. They can take the form of online interventions, mobile apps or hybrid training formats, which are defined as follows:

  • a. Internet intervention: Health promotion programmes that are typically carried out at regular intervals for a fixed amount of time, in most cases on the person’s laptop or desktop computer or tablet.
  • b. Mobile apps: Apps whose underlying training concept seeks to promote regular, defined practices or exercises to promote better healthy, generally done every day.
  • c. Hybrid training concept: An online intervention coupled with the use of a mobile app for an extended period.

According to Section 5 of the Prevention Guidelines, statutory health insurance providers also cover these digital services that promote prevention and a healthy lifestyle since July 2021. This is in addition to in-person and online prevention courses that were already covered. This is established in the new rules described in Section 7.

What sets prevention apps apart from other freely available health apps?

Many health apps offer general health information, tips or tools for tracking fitness goals. Prevention apps, on the other hand, focus on evidence-based health promotion interventions and programmes. One of the main differences is that they are certified. According to Section 7 of the Prevention Guidelines, prevention apps must meet strict quality and certification standards in order to be approved and reimbursed by health insurance providers.

The certification process is divided into two phases:

  • a. Approval of concept: Step one involves submission of a conceptual approach related to a specific field of action or prevention principle. If the health benefits have not yet been demonstrated in a study, the concept can receive provisional approval for a period of one year if all other criteria have been met and the study design has been submitted. Once the benefits have been validated by the study, approval is extended to a total of three years. If the benefits have already been proven, approval is granted on the spot for three years.
  • b. Certification of the digital service: On the basis of the approved concept, providers can apply for a review and certification of their digital prevention or health promotion service. Once the service has been certified, it is listed on the websites of the health insurance providers.

What do prevention apps focus on?

Prevention apps cover a wide range of topics relating to prevention and promoting better health, which are based on the fields of action for behaviour-based prevention pursuant to Section 20(4) (1) of the German Social Code – Book V (SGB V).

The core fields of action are:

  • Exercise habits with the following principles of prevention:
    • Reducing physical inactivity through sporting activities that promote better health
    • Preventing specific health risks through applicable exercise programmes
  • Nutrition with the following principles of prevention:
    • Preventing poor nutritional habits
    • Reducing and preventing obesity
  • Stress management with the following principles of prevention:
    • Developing stress management skills
    • Promoting relaxation techniques
  • Use of additive substances with the following principles of prevention:
    • Encouraging people to stop smoking
    • Promoting healthy levels of alcohol consumption and reducing alcohol use

How are the health benefits delivered by digital prevention tools verified?

In the digital health space, it is critical to have verifiable proof that the apps are effective. This means that prevention apps must not only work, they also have to clearly contribute to promoting better health. Having verifiable proof is not only important in order gain the trust of users, it is also critical for formal approval and certification by official bodies. But how exactly is a health benefit demonstrated and what criteria must be met?

  • Provisional certification:
    • One-year certification is also possible without having to submit the final study;
    • the study design must be presented, however.
    • Within this year, proof of efficacy is required in order to obtain three-year certification.
  • Criteria for certification:
    • Providing proof of efficacy is not enough.
    • Other requirements include training concepts, data protection guidelines and exclusion criteria.
  • Details of the study:
    • A distinction is made between therapeutic and preventive benefits.
    • The PICO framework is a useful tool for presenting the details of the study.
    • The study protocol must be publicly accessible.
    • Different types of studies are accepted, though qualitative studies are not.
  • Sample size and ethics:
    • The sample should reflect the target group.
    • There must be an ethics committee in place for sensitive groups.
  • Intensity of use:
    • Information on the minimum frequency of use is required, which helps determine whether the app is reimbursable.

What are the regulatory and technical requirements for prevention apps?

Creating a prevention app is a complex undertaking. For one, the app must meet strict regulatory and technical requirements to ensure both user safety and the quality of the content. Here is an overview of the key points:

  • ISO certification:
    • Certification of the information security management system according to ISO 27001 is obligatory from 2025.
    • The cloud provider must be certified according to ISO 27018 when using cloud services.
    • The ISO 27034 standard for secure software development should be drawn on for guidance.
  • GDPR compliance:
    • A data protection impact assessment pursuant to Article 35 of the GDPR must be carried out, though publication of the assessment is optional.
    • Data may only be transferred to third countries under specific conditions.
    • Single sign-on functions, especially in relation to US providers, should be handled transparently or avoided altogether.
  • The ISO 9241 standard on human-system interaction:
    • Providers should draw on parts 10 and 11 of this standard for guidance; these relate to dialogue principles and usability.

Following these guidelines guarantees that an app will be functional, user-friendly and compliant with data protection law.

How does one file an application for prevention apps?

a. Filing the application

It is critical to ensure that the application is filed correctly before you move onto the review process. A full and complete application should include the following:

  • Underlying concept: A training concept that sets out clear goals and target groups.
  • Content: A detailed description of the endpoints in the training concept, a user example and a test link to the application.
  • Support: A FAQ manual and information on personalised user support.
  • Data protection: A data protection impact assessment that verifies GDPR compliance.
  • Evidence: Documented proof of efficacy and, if applicable, a study design, including a link to the clinical trial registration page.
  • Additional information: Information for policyholders, user help, materials for trial participants and information on sources.
  • Obligations: In the case of one-year certification, the applicant is obliged to submit studies and provide further health data.
b. Certification

The app is entered in the queue for certification once a careful review of the application and the documents has been completed. This can be granted for three years (where complete evidence is submitted) or one year (where provisional evidence is provided).

Is it worth investing in prevention apps?

Developing and certifying a prevention app can pay off handsomely, especially when you consider reimbursement by health insurance providers and potential market demand:

  • Reimbursement: Health insurance providers may cover the full cost of a certified app, which creates a major incentive for users.
  • Economic viability: Despite the upfront cost of certification, this can be amortised within a year. According to estimates, roughly €400,000 in revenue could be generated without excessive certification-related costs in collaboration with select contract partners in the health insurance space.
  • Challenges: The approval process can be complicated, and users often have to pay up front.

In conclusion, one could say that despite the bureaucratic hurdles and other challenges, developing and certifying a prevention app can be a worthwhile investment, especially given that health insurance companies cover part or all of the cost and that demand for such apps is growing.

Are you thinking of developing a prevention app? Or have you already got started and now find yourself facing a seemingly insurmountable obstacle? We are there to assist you in each step of the process –- from the initial idea to implementation. You can find out more about our services on our website.

Would you like to learn more about exciting topics from the world of adesso? Then check out our latest blog posts.

You can learn more about the Prevention Guidelines here: Prevention Guidelines – fields of action and criteria pursuant to Section 20(2) of the German Social Code – Book V (Leitfaden Prävention – Handlungsfelder und Kriterien nach § 20 Abs. 2 SGB V) (

Picture Kismet Ekinci

Author Kismet Ekinci

In his role at adesso, Kismet is responsible for business development in the area of personal health. As an experienced health economist, he brings more than ten years of experience from various areas of the healthcare market. His broad background includes activities in innovative start-ups, established health insurance companies, research and industry and enables him to take a holistic view of the healthcare sector.

Save this page. Remove this page.