Diagnostics: Data and Processing

Attention, the suggested results correspond to the answers checked. They provide an initial insight but they are no substitute for the personalised and in-depth analysis that a legal or regulatory expert can provide

My personal assessment

  • You are creating a digital service in the health field.
  • You are using personal health data. This is sensitive data subject to a specific regime, in particular the GDPR regime for Sensitive Data.
  • Their processing requires secure hosting (HDS, health data hosting) and information for individuals.
  • These data are consulted by the care team. You must set up a strong authentication system that guarantees the identity of the professionals. You can rely on the identity provider and the authentication mechanism provided by the state (ProSanté Connect and e-CPS).
  • Access to data is achieved through an exchange system that must be secure. Rely on the circle of trust for secure health messaging (MSSanté). If you need to share certain data and documents.
  • You process personal health data and contribute to care actions. You must unambiguously identify the patient using the INS (national health identifier).
  • Your service uses a directory of structures and/or professionals. Join the national reference directory to benefit from certified and up-to-date data.
  • You will exchange data with other information systems. You will integrate your service in tools for professionals, and will be interoperable.

To learn more, see the regulatory topics that concern you.

What to do next? Carry out the Diagnostics of the Purpose of my service, in order to identify whether you are subject to the medical device regulation.

Consult the regulatory files

SIS Interoperability Framework

SIS Interoperability Framework

The interoperability framework for health IT systems (CI-SIS) sets the rules for compatible health information systems.

Interoperability

Soon enforceable

HDS

HDS

Health data hosting (HDS) must be carried out under security conditions appropriate to the data's criticality.

Safety

Enforceable

FINESS+

FINESS+

The Health Directory is the national reference directory containing the identification data of all professionals involved in the health system.

Safety

Soon enforceable

French National eHealth ID (INS)

French National eHealth ID (INS)

The French National eHealth ID (INS) allows all stakeholders to use the same unique, permanent identity visible to the user.

Safety

Enforceable

RPPS+ (French HPs shared directory)

RPPS+ (French HPs shared directory)

The RPPS is the leading directory for identifying individual professionals working in the health, medical and social care sectors.

Safety

Soon enforceable

Pro Santé Connect

Pro Santé Connect

Pro Santé Connect is a centralising authority for identity providers.

Safety

Soon enforceable

e-CPS

e-CPS

e-CPS is a means of electronic authentication for healthcare professionals.

Safety

Recommended

Shared Medical Record (DMP)

Shared Medical Record (DMP)

The Shared Medical Record (DMP) is a personal eHealth file.

Core services

Soon enforceable