This is any information relating to a person's state of health, physical or mental
It includes, for example, the following information:

• information relating to identifying a person for health purposes (number, symbol, etc.)
• information on tests or examinations including genetic and biological data
• information on diseases, symptoms, treatments, disabilities, medical history, etc.

In France, the main legal provisions relating to health data are:

• The “Informatique et Libertés” Act (art. 8 and chapter IX)
• Provisions on confidentiality (art. L. 1110-4 of the CSP)
• Provisions relating to health data security and interoperability standards (art. L. 1110-4-1 of the CSP)
• Provisions on the hosting of health data (art. L. 1111-8 and R. 1111-8-8 et seq. of the CSP)
• Provisions on making health data available (art. L. 1460-1 et seq. of the CSP)
• Ban on the transfer or commercial use of health data (art. L. 1111-8 of the CSP, art. L 4113-7 of the CSP)

Your digital service must be designed to meet certain requirements designed to respect the sensitivity of health data.
The data subject, especially the patient, has fundamental rights in addition to those provided for by the “Informatique et Libertés” Act, which must be taken into account from the project design stage:

• Right to be informed prior to care and consent to care
• Right to privacy and confidentiality of information (professional secrecy)
• Right of access to all information concerning one's health
• The security of health data must be ensured (link to PGSSI-S page)
• Access to health data must be strictly controlled, especially the exchange and sharing of health data

• What is health data (source: CNIL)
• What are the formalities for processing health data (source: CNIL)