Health CERT operates on weekdays between 9am and 6pm. Aside from these working hours, it is possible to contact the ANSSI to signal risks. 

CERT Santé 
+33 (0)9 72 43 91 25 
Agence du Numérique en Santé 
9 rue George Pitard, 75015 Paris

Yes. The ANS has a video platform with training material, including cybersecurity support. You will find information about cybersuveillance auditing, how to signal a security risk, how to increase your password security, and how to identity malicious email.

Health professionals are encouraged to use MOS and NOS for three main reasons :

• enhance the interoperability of information systems by harmonising names, attributes, codes and nomenclatures;
• share the same understanding of the information, regardless of which directory or reference document it is taken from;
• facilitate the specification, analysis and conception of a project. 

The ANS offers training on MOS-NOS and the elaboration method for exchanges’ functional specs (see our Documentation section).

The illustration below gives you examples of the types of professionals using the MOS-NOS: 

The MOS is a collection of concepts described homogeneously and neutrally in terms of technologies. It offers a common description of the information processed and exchanged in the information systems to make digital communication easier.

The overall consistency of the MOS is founded on the definition and description of its UML (Unified Modelling Language) concepts.

Some MOS concepts can be coded. They are associated with the nomenclatures of health objects (NOS), i.e. lists of codes/labels.

You are encouraged to use MOS and NOS to :

• optimise and coordinate efforts when you analyse or conceive a system (or an application) by re-using the same semantic components;
• make sure there is consistency in your internal developments and with external systems, for the best possible interoperability.

The European Commission’s studies have determined there is a need for a base vocabulary, such as MOS and NOS, which can be used as a starting point for:

• develop and evolve information systems (IS) to formalise the conceptual and logical data they utilise (for instance, the MOS is a reference for the modelling of the RPPS);
• share information between ISs to create specific models of data they can use (thus, the MOS is underlying the ROR exposure model);
• combine and synthetise elements originating from different sources;
• publish data in a common format, such as a directory or catalogue of service (for example, the Annuaire Santé / Health Pro Directory).

Healthcare industrials and software publishers are encouraged to contact Health CERT if they discover a security incident or potential malware. CERT provides assistance and support to resolve such issues. CERT also assists you in your communications to health structures.

Generally speaking, the PGSSI-S needs to be applied as soon as personal health data are being handled. It is relevant to the public sector as well as the private sector, health professionals, workers of the social-health and social sectors, healthcare establishments and service providers. 

As a patient, the PGSSI-S is a seal of guarantee on the accountability of digital health ecosystems.

Complying with the PGSSI-S frames of reference is either required by law (if the documents have been approved by a ministerial decree) or meant to be followed on a short-term basis until the documents are approved by the ministry.