Overview of digital health regulations

As a reminder, according to the CNIL, health data is data concerning an individual's past, present, or future physical or mental health. Your digital tools, connected objects, and medical devices are likely to use, process, or store personal health data. If this is the case for your innovation, you must comply with a strict security framework to ensure the protection of patients' personal and health data. 

This section of the website refers to all the regulatory topics applicable to digital health in the form of educational fact sheets. All these regulatory elements are consolidated in the ministerial roadmap defined for the acceleration of digital health and are classified according to their functionality: 

The field of security 

This includes regulations related to secure connection services (ApCV (Application carte vitale), e-CPS, Pro Santé Connect, FranceConnect), the General Data Protection Regulation (GDPR), regulations and national services concerning medical directories, registers, and repositories (ROR, RPPS+, FINESS+), regulations concerning the hosting of health data (HDS), regulations concerning the National Health Identity (INS), the general security policy for health information systems (PGSSI-S), regulations applicable to medical devices, etc.

The field of interoperability

The field of interoperability consists of the CI-SIS health information systems interoperability framework, which sets the rules for communicating health information systems, the health terminology management center (CGTS), which distributes semantic resources for the health and social sectors free of charge, and finally the Multi-Terminology Server (SMT), which is the tool for disseminating and managing health terminologies.

The core services domain

This includes all basic services such as the shared medical record (DMP), which is in fact the digital health record, e-Prescription, which consists of dematerializing the prescription process, and finally the secure messaging service for healthcare professionals and citizens (MSSanté).

The digital platforms domain

A range of services allows healthcare professionals to access several services from a single point, including the Health Data Hub, which facilitates access to health data for innovative projects of general interest under high security conditions and in compliance with citizens' rights, and Mon espace santé (MES), a personal space where users can manage their health data.

How can G_NIUS help me better understand regulatory issues?

The regulatory framework varies depending on the nature and purpose of your innovation project (medical device, digital application, healthcare service, etc.), the technologies used for processing and/or storing personal data, and its end users (healthcare professionals, healthcare institutions, the general public, etc.).

The National Digital Health Innovation Hub (G_NIUS), which stems from the digital health roadmap of the Ministerial Delegation for Digital Health (DNS) and is operated by the Digital Health Agency (ANS), is a portal offering services and content designed to accelerate the digital transition through the development of urbanized, communicative, and interoperable digital services. Our platform helps you learn about and understand the legal framework that applies to your digital project by offering a toolbox consisting of a personalized diagnosis and educational fact sheets, all with the aim of accelerating the market launch of your digital e-health tool.

G_NIUS supports digital health project leaders in understanding the regulatory framework, identifying funding, and connecting with the ecosystem to accelerate innovation in France.