Information systems security, a pre-condition for trust
Health data is information of a particularly personal nature because it concerns an individual’s state of health and the treatment they are receiving. People are entitled to the protection of this data by law in the same way as they are entitled to the confidentiality of their patient records. The data is stored in patient records and shared between healthcare professionals to ensure seamless care journey, as well as being used as an aid to medical decision-making and for the purposes of preventive treatment. The amount of data is expanding exponentially, and with it the pressing need to protect against hacking, technical incidents or negligence on the part of users.
To improve overall security, the Agence du Numérique en Santé (ANS) is spearheading various initiatives, from the publication of guides and security reference documents (PGSSI-S) to the rolling out of practical products and services for identifying and authenticating the ID of professionals (directory, ID cards, certificates) and the managing of the national health ID number system. It is also assisting healthcare facilities with cybersecurity and managing the MSSanté Secure Messaging Service.