Diagnostics: Data and Processing

My personal assessment

  • You are creating a digital service in the health field.
  • You are using personal health data. This is sensitive data subject to a specific regime, in particular the GDPR regime for Sensitive Data.
  • Their processing requires secure hosting (HDS, health data hosting) and information for individuals.
  • These health data are only consulted by the user. You must set up a strong authentication system.
  • Your service uses a directory of structures and/or professionals. Join the national reference directory to benefit from certified and up-to-date data.
  • If you process personal health data and contribute to care actions. You must unambiguously identify the patient using the INS (national health identifier).

To learn more, see the regulatory topics that concern you.

What to do next? Carry out the Diagnostics of the Purpose of my service, in order to identify whether you are subject to the medical device regulation.

Consult the regulatory files

HDS

HDS

Health data hosting (HDS) must be carried out under security conditions appropriate to the data's criticality.

Safety

Enforceable

FINESS+

FINESS+

The Health Directory is the national reference directory containing the identification data of all professionals involved in the health system.

Safety

Soon enforceable

French National eHealth ID (INS)

French National eHealth ID (INS)

The French National eHealth ID (INS) allows all stakeholders to use the same unique, permanent identity visible to the user.

Safety

Enforceable

RPPS+ (French HPs shared directory)

RPPS+ (French HPs shared directory)

The RPPS is the leading directory for identifying individual professionals working in the health, medical and social care sectors.

Safety

Soon enforceable

Diagnostics: Purpose of my service
Go back to the previous question