Votre question concerne quel type d'offre ?
Votre question concerne quel couloir Ségur ?
Votre question concerne quel dispositif Ségur ?
Votre question concerne quel produit ou service produit?
Votre question concerne quelle thématique ?
To make sure your software complies with the guidelines required to implement INS into software, several documents are available:
Cette réponse vous a-t-elle été utile ?
Health CERT operates on weekdays between 9am and 6pm. Aside from these working hours, it is possible to contact the ANSSI to signal risks.
CERT Santé
+33 (0)9 72 43 91 25
Agence du Numérique en Santé
9 rue George Pitard, 75015 Paris
Cette réponse vous a-t-elle été utile ?
Yes. The ANS has a video platform with training material, including cybersecurity support. You will find information about cybersuveillance auditing, how to signal a security risk, how to increase your password security, and how to identity malicious email.
Cette réponse vous a-t-elle été utile ?
Health professionals are encouraged to use MOS and NOS for three main reasons :
- enhance the interoperability of information systems by harmonising names, attributes, codes and nomenclatures;
- share the same understanding of the information, regardless of which directory or reference document it is taken from;
- facilitate the specification, analysis and conception of a project.
The ANS offers training on MOS-NOS and the elaboration method for exchanges’ functional specs (see our Documentation section).
The illustration below gives you examples of the types of professionals using the MOS-NOS:
Cette réponse vous a-t-elle été utile ?
Our partner, the GIE Sesam-Vitale, is here to provide you with support and answer your questions about your software project, how to integrate INSi, or solve any potential technical setbacks.
The helpdesk is available by phone at +33 (0)2 43 57 42 88, from 9am to 12noon, and from 2pm to 6pm, Monday to Friday. You may also send an email to centre-de-service@sesam-vitale.fr.
Cette réponse vous a-t-elle été utile ?
In order to make the check lists more transparent and reduce the risk of seeing your Ségur application denied, we have published a document listing common mistakes, which is available below:
Cette réponse vous a-t-elle été utile ?
It is compulsory to have an individual CPx-type card to log in to the INSi teleservice. Three types of cards are supported: CPS, CPE, CPF.
Cette réponse vous a-t-elle été utile ?
CPx cards issued before December 2020 have a contactless chip that prevents from overwriting its code.
The new CPS R3V3 cards that are now in circulation have a Mifare Desfire chip. These cards can stock crypto-secret keys that work with the Mifare Desfire protocol.
All the information about this feature is available in the Manual to deploy contactless CPx cards (available to download below). One must be cautious about the data inserted in the chip’s writing code.
We strongly advise against using this section of the chip to stock access rights. The ANS recommends you to use the ANSSI guidelines on using a "transparent" reader in connected mode. This does not involve a cryptographic protocol during a badge authentication – only the UTL (logic treatment unit) takes part in the cryptographic protocol.
ANSSI advises against setting up a “smart” badge allowing a double authentication breaking from the UTL.
All the recommendations on securing systems for physical access and video projection are available in the document below, "Recommendations on securing systems for physical and video projection access".
Cette réponse vous a-t-elle été utile ?
The MOS is a collection of concepts described homogeneously and neutrally in terms of technologies. It offers a common description of the information processed and exchanged in the information systems to make digital communication easier.
The overall consistency of the MOS is founded on the definition and description of its UML (Unified Modelling Language) concepts.
Some MOS concepts can be coded. They are associated with the nomenclatures of health objects (NOS), i.e. lists of codes/labels.
You are encouraged to use MOS and NOS to :
- optimise and coordinate efforts when you analyse or conceive a system (or an application) by re-using the same semantic components;
- make sure there is consistency in your internal developments and with external systems, for the best possible interoperability.
Cette réponse vous a-t-elle été utile ?
The European Commission’s studies have determined there is a need for a base vocabulary, such as MOS and NOS, which can be used as a starting point for:
- develop and evolve information systems (IS) to formalise the conceptual and logical data they utilise (for instance, the MOS is a reference for the modelling of the RPPS);
- share information between ISs to create specific models of data they can use (thus, the MOS is underlying the ROR exposure model);
- combine and synthetise elements originating from different sources;
- publish data in a common format, such as a directory or catalogue of service (for example, the Annuaire Santé / Health Pro Directory).
Cette réponse vous a-t-elle été utile ?
Healthcare industrials and software publishers are encouraged to contact Health CERT if they discover a security incident or potential malware. CERT provides assistance and support to resolve such issues. CERT also assists you in your communications to health structures.
Cette réponse vous a-t-elle été utile ?
Upgrading your products allows you to offer your customers a solution that complies with current regulations. Failure to meet this requirement will have several impacts:
-
Your customers will not incorporate the INS into their software, which will entail possible penalties with regard to several systems (Ségur Wave 1, HOPEN, portal listing in Mon Espace Santé, etc.) ;
-
Your customers will not be in compliance with the law. They will therefore be responsible for any errors in the identification of their patients and users ;
-
Sharing health data by your customers will be more time consuming ;
-
The identity used by your customers may not be the right one, for instance if a patient uses their married name or if the patient is a child registered under their parent’s social security number.
Cette réponse vous a-t-elle été utile ?
This midware allows the interfacing between computer applications, such as the Vivoptim doctors portal and the CPS card.
Cette réponse vous a-t-elle été utile ?