Diagnostics: Regulations
Select one of the following two diagnostics
Why is it important to do the two proposed diagnostics?
Carry out diagnostics for your service and identify the regulatory issues that concern you.
- The "purpose of my service" diagnostic allows you to identify whether your service is subject to medical device regulations.
- The "data and processing" diagnostic allows you to identify whether your service is subject to regulatory issues, particularly those related to the processing of health data.
They complement each other and we advise you to do both of them.
Please note that the proposed assessments provide an initial insight but do not replace a personalised and in-depth analysis of your service/product that a legal expert can provide.
Please note: the impact of the GDPR (General Data Protection Regulation) related to the processing of other personal data (account creation, etc.) are not taken into account in this diagnostic.
- To learn more about the GDPR, consult the site of the CNIL
- Access consult the site of the CNIL
Other specific regulations govern your services/products
Please note that you are certainly subject to more specific regulations that are not taken into account by the two diagnostics.
Framework of telemedicine solutions
Therapeutic education of the patient
- Article L. 1161-1 et seq. of the French Public Health Code (CSP)
Free choice of physician by the patient
Physicians must respect the right of all persons to freely choose their physician. They must facilitate the exercise of this right.
- Article R. 4127-6 of the French Public Health Code (CSP)
- Code of ethics of the National Order of Physicians (the Conseil National de l'Ordre des Médecins (CNOM))
Agreement between the physician and other healthcare professionals (complicity)
Any complicity between doctors, between doctors and pharmacists, medical auxiliaries or any other natural or legal persons is prohibited.
- Article R. 4127-23 of the French Public Health Code (CSP)
- Code of ethics of the National Order of Physicians (the Conseil National de l'Ordre des Médecins (CNOM))
Prohibition to practice medicine as a business
Medicine must not be practiced as a business. All direct or indirect advertising, and in particular any arrangement or signage that gives the premises a commercial appearance, is prohibited.
- Article R. 4127-19 of the French Public Health Code (CSP)
- Code of ethics of the National Order of Physicians (the Conseil National de l'Ordre des Médecins (CNOM))
Prohibition of multiple activities by physicians
A physician may only engage in another activity if such combination is compatible with professional independence and dignity and is not likely to enable him or her to profit from his or her prescriptions or medical advice.
- Article R.4127-26 of the French Public Health Code (CSP)
- Code of ethics of the National Order of Physicians (the Conseil National de l'Ordre des Médecins (CNOM))
In the age of big data, health data from patient care pathways are sensitive assets. Thus, it is critical to ensure their protection and security throughout processing, so that services remain in compliance with regulations (whether you are an institution, a professional, an innovator, etc.).
The field of eHealth is a very vast ecosystem that encompasses a number of issues: cybersecurity, ethics, core services, etc. All of these issues must be taken into consideration when developing your digital patient data processing or storage service. You need to understand all the regulations that apply to your IT project, so that it meets the criteria of the Ministerial Roadmap and can interact with your clients' other tools (interoperability framework) without risk to the integrity of health data, all while optimising the patient care pathway.
In order to simplify and clarify this, the Ministry of Health, through five guidelines divided into thirty actions, has published a technical framework. This doctrine is part of the implementation of the roadmap "Accelerating the digital shift". It is aimed at the world of health in the broadest sense of the term: Health and social care actors, digital service providers, and users of digital services. Thus it affects all digital services handling health data in France.
Identify the regulations that apply to your project with G_NIUS
You can use the the framework compass to get an overview of the eHealth reference framework’s components. The compass includes all the core standards, core services, and national platforms (Health Data Hub, Mon Espace Santé, etc.).
Given the need for project leaders (working on information systems, connected objects, etc.) to quickly and easily identify the regulations that apply to the implementation of their projects (laws, legal obligations), G_NIUS is able to provide a regulatory diagnosis. In a few clicks, find the subjects (security, compliance, legal, etc.) where you should focus your attention, and get the fact sheets for each of these subjects to find the information you need to implement your digital project (applicable laws, compliance, etc.).
Two diagnostic tools are on offer: "Purpose of my service” and "Data and processing". Both diagnostics must be carried out. Please note: the impact of the GDPR (General Data Protection Regulation) related to the processing of other personal data (account creation) is not taken into account in this diagnostic.