The month of May saw the update of two important repositories for the secure use of healthcare data.
The first, concerning the security framework for access to data in the national health data system (SNDS), takes into account the expansion of the data making up the system, between “main base” and “catalog base”, as well as the sharing of responsibility between the Caisse Nationale de l’Assurance Maladie (CNAM) and the health data platform.
It provides important clarifications concerning data transfers and their availability via project spaces, which is at the heart of CASD operations.
Note that the SD-Box solution eliminates the need for applicants to certify their local access station.
The second concerns the certification of organizations as health data hosts (HDS).
It is largely based on the ISO 27001 information security management standard, with additional requirements (on governance, contractualization, operation, sovereignty, etc.) to take account of the sensitivity associated with healthcare data.
CASD is a certified Health Data Host (HDS) and has been approved for the health data repository since 2019.
In both repositories, detailed information is also provided on territoriality constraints for health data hosting.