Managing compliance of health data processing
For all your projects involving personal health data, particularly in the context of clinical trials, implementation of a telemedicine solution or a connected device, we will accompany you in:
- Classifying the processed data, to determine whether it is in fact personal health data;
- Ensuring your processing complies with the regulations applicable to personal data and the provisions specific to health data;
- Building your privacy impact study (Data Protection Impact Assessment)
- Identifying any potential compliance failures through an audit;
- Preparing internal procedures required for implementation of your obligations, specifically in terms of data security, data transfer, anonymity and encryption, and continuity of business;
- Drafting and reviewing contractual terms of your distribution agreements or regarding your relationships with subcontractors (development, maintenance, hosting)
- Drafting and reviewing your information and consent forms for patients and health professionals;
- Your relationships with the authorities, in particular CNIL and ASIP Santé.
Hosting your health data
Should you wish to entrust hosting of the health data you process to a third party, or to host it yourself, we will assist you in:
- Choosing the most appropriate hosting mode for your project;
- Preparing your accreditation file for hosting health data, or during the certification procedure;
- Following up your accreditation file, or the certification procedure with ASIP Santé or the certifying body;
- Contracting out with an approved / certified hosting third party.