Diagnostics: Data and Processing

My personal assessment

  • You are creating a digital service in the health field.
  • You are using personal health data. This is sensitive data subject to a specific regime, in particular the GDPR regime for Sensitive Data.
  • Their processing requires secure hosting (HDS, health data hosting) and information for individuals.
  • These health data are only consulted by the user. You must set up a strong authentication system.
  • You will exchange data with other information systems. You will integrate your service in tools for professionals, and will be interoperable.
  • If you process personal health data and contribute to care actions. You must unambiguously identify the patient using the INS (national health identifier).

To learn more, see the regulatory topics that concern you.

What to do next? Carry out the Diagnostics of the Purpose of my service, in order to identify whether you are subject to the medical device regulation.

Consult the regulatory files

SIS Interoperability Framework

SIS Interoperability Framework

The interoperability framework for health IT systems (CI-SIS) sets the rules for compatible health information systems.

Interoperability

Soon enforceable

HDS

HDS

Health data hosting (HDS) must be carried out under security conditions appropriate to the data's criticality.

Safety

Enforceable

French National eHealth ID (INS)

French National eHealth ID (INS)

The French National eHealth ID (INS) allows all stakeholders to use the same unique, permanent identity visible to the user.

Safety

Enforceable

Diagnostics: Purpose of my service
Go back to the previous question