What regulations do I need to apply?
Use our two diagnostics to identify the regulations to which your solution is subject.
Why is it important to carry out both diagnostics?
Perform a diagnosis of your service and identify the regulatory subjects that concern you.
- The "purpose of my service"diagnosis identifies whether your service is subject to medical devices regulations.
- The "data and processing"diagnosis enables you to identify whether your service is subject to regulatory subjects notably linked to health data processing.
They are complementary and we advise you to carry them out successively.
Note: the impact of the RGPD (General Data Protection Regulation) linked to the processing of other personal data (account creation, etc...) are not taken into account in this diagnosis.
- To find out more about the RGPD, consult the CNIL website
- Access the consult the CNIL website
Other specific regulations govern your services/products
Please note that you may be subject to more specific regulations that are not covered by the two diagnoses.
Telemedicine solutions framework
Therapeutic patient education
- Article L. 1161-1 et seq. of the French Public Health Code (CSP)
Patients free to choose their own doctor
The physician must respect the right of all persons to freely choose their physician. He must facilitate the exercise of this right.
- Article R. 4127-6 du Code de la Santé publique (CSP)
- Code de déontologiedu Conseil National de l'Ordre des Médecins (CNOM)
Agreement between physician and healthcare professionals (compérage)
Any competition between doctors, between doctors and pharmacists, medical auxiliaries or any other natural or legal persons is prohibited.
- Article R. 4127-23 du Code de la Santé publique (CSP)
- Code de déontologie du Conseil National de l'Ordre des Médecins (CNOM)
Ban on practicing medicine as a business
Medicine must not be practiced as a business. All direct or indirect advertising processes are prohibited, in particular any layout or signage giving the premises a commercial appearance.
- Article R. 4127-19 du Code de la Santé Publique (CSP)
- Code de déontologie du Conseil National de l'Ordre des Médecins (CNOM)
Physicians prohibited from holding multiple jobs
A doctor may only engage in another activity if such accumulation is compatible with professional independence and dignity and is not likely to enable him or her to profit from his or her prescriptions or medical advice.
- Article R.4127-26 du Code de la Santé Publique (CSP)
- Code of ethics of the Conseil National de l'Ordre des Médecins (CNOM)
Regulation in e-Health
In the age of big data, healthcare data emanating from patient care paths are sensitive assets. As such, it is more than essential to ensure their protection and security throughout the entire treatment process, so that services remain compliant with regulations (whether you're an institution, a professional, an innovator...).
The field of digital health is a very vast ecosystem that encompasses a good number of subjects: cyber security, ethics, core services... All of these subjects must be taken into consideration when developing your digital service for processing or storing patient data. You need to understand all the regulations that apply to your IT project, so that it meets the criteria of the ministerial roadmap and can interact in your customers' other tools (interoperability framework) without risk to the integrity of health data while optimizing the patient care pathway.
In order to simplify and clarify this, the Ministry of Health and Solidarity, through five orientations broken down into thirty actions, to publish a technical doctrine. This doctrine is part of the implementation of the "accelerating the digital shift" roadmap. It is aimed at the healthcare sector in the broadest sense of the term: health and medico-social professionals, digital service providers and digital service users. It covers all digital services handling health data in France.
Identify the regulations that apply to your project with G_NIUS
You can, via the doctrine technique, synthetically visualize the components of the e-health reference framework. The compass includes all the base reference systems, base services and finally national platforms (Health data Hub, Mon Espace Sante...)
Conscious of the need for project leaders (information systems, connected objects ... ...) to quickly and easily identify the regulations applying to the implementation of their projects (law, legal obligation), G_NIUS provides a regulatory diagnostic. In just a few clicks, find the subjects (security, compliance, legal...) on which your attention should be focused, and access the pedagogical sheets for each of these subjects to find the information you need as part of the implementation of your digital project (applicable law, compliance...).
Two diagnostics are available: the "Finalite De Mon Service" and "data and processing" diagnostics. Both diagnostics must be carried out. It should be noted that the impact of the RGPD (General Data Protection Regulation) on the processing of other personal data (account creation) is not taken into account in the diagnostic.