Diagnostics: Data and Processing
Attention, the suggested results correspond to the answers checked. They provide an initial insight but they are no substitute for the personalised and in-depth analysis that a legal or regulatory expert can provide
My personal assessment
- You are creating a digital service in the health field.
- You are using personal health data. This is sensitive data subject to a specific regime, in particular the GDPR regime for Sensitive Data.
- Their processing requires secure hosting (HDS, health data hosting) and information for individuals.
- These data are consulted by the care team. You must set up a strong authentication system that guarantees the identity of the professionals. You can rely on the identity provider and the authentication mechanism provided by the state (ProSanté Connect and e-CPS).
- Access to data is achieved through an exchange system that must be secure. Rely on the circle of trust for secure health messaging (MSSanté). If you need to share certain data and documents.
- You process personal health data and contribute to care actions. You must unambiguously identify the patient using the INS (national health identifier).
- Your service uses a directory of structures and/or professionals. Join the national reference directory to benefit from certified and up-to-date data.
To learn more, see the regulatory topics that concern you.
What to do next? Carry out the Diagnostics of the Purpose of my service, in order to identify whether you are subject to the medical device regulation.