Protecting health data with HDS
Over the last decade, the medical sector has slowly started a process of digitalization, integrating more and more digital tools such as online appointment booking to facilitate, among other things, the work of secretaries. This process has been accelerated since 2020 due to the Covid-19 epidemic.
Health Data Hosting: How important is it to your business?
The hacking of health data
Data hacking has become the new trend among cybercriminals. Sadly, there are many examples that are making the headlines.
For example, in 2014 an American health insurance company had more than one million records hacked. France is also targeted by its attacks, the AP-HP was targeted in the summer of 2021. The data: identity, social security number, etc., of more than 1.4 million people have been stolen.
Beyond security flaws that facilitate data theft, if cybercriminals are increasingly turning to this type of hacking, it is primarily because health data can be very profitable: insurance scams, ransom demands, resale on the Dark Web... Medical data are an easy source of enrichment for cybercriminals and are still not secured enough.
To stop this trend, standards such as the RGPD. These require professionals to ensure the protection of their patients' personal data.
Protecting health data
What is health data?
Health data is considered to be any information issued or received that constitutes personal information specific to an individual. In practice, health data can take the form of
- contact information: last name, first name, phone number, postal address, email
- information on personal life
- health-related information
The measures put in place
The opening of the medical sector to the digital world has required the implementation of numerous measures to protect all personal health data that circulate today through software and computer systems.
Faced with the threats public Institutions have reacted. The RGPD, General Regulation on Data Protection came into force in spring 2016. The latter concerns the processing of personal data. It allows to ensure the confidentiality and security of these data. The RGPD has also given a right of review and control to Internet users regarding the use that is made of their data.
In France, a regulatory framework has been set up to reinforce the protection of health data. The objective is to build a trustworthy environment to store and reinforce the protection of personal health data.
What is HDS?
The HDS approval, Health Data Host, which became HDS certification, following the Order of January 12, 2017 is intended for individuals and legal entities processing or storing health data:
"Any person who hosts personal health data collected in the course of prevention, diagnosis, care or social and medico-social monitoring activities, on behalf of the natural or legal persons responsible for producing or collecting the data or on behalf of the patient himself".
Thus, to be legal, any organization hosting health data must have obtained a certification issued by a certifying body, accredited by the COFRAC, French Accreditation Committee.
At the same time, it is the duty of the professionals to ensure that the software used uses an HDS certified host.
💡💡 Health data is not only processed by physicians. The health insurance companies, day care centers, schools and nursing homes are also likely to process this type of data. They therefore need to use a health hosting 💡💡
Agendize and HDS
The security of our product is a major issue for us. Depending on the platform chosen by the customer, our solution is hosted on servers in France or in the United States. Our servers are hosted by providers who implement 24/7 protections.
To guarantee the security of our customers' health data, we have chosen to work with ATE. They have received HDS certification based on international standards and set requirements for the hosting of personal health data.
Do you process healthcare data and are looking for a flexible, secure online booking software?
Generate appointments from Store Locator to feed web to store strategy
Read the article >
Center National de la Musique automates its appointment management with Agendize
Read the article >