What is PGSSI-S?
The PGSSI-S (General Security Policy for Health Information Systems) documentation sets out a framework of eHealth security guidelines, standards and good practices.
Digitising the health sector has globally improved the patient care process. However, the State has put into place a policy of risk management to prevent potential threats. The ANS has issued a framework to secure eHealth practices, both for patients and professionals. It has several goals:
- Set out a framework project leaders can refer to when setting the required security standards;
- Enable industrial companies to specify the security levels in their products or services;
- Support healthcare facilities in defining and implementing their own information system security policies.
There are many benefits in abiding to the PGSSI-S guidelines when you create your products or services for the health, social-health and social work sectors:
- Making sure the security compliance requirements approved by the Ministry of Health are respected;
- Following the good practice guidelines, using the PGSSI-S guidebooks at your disposal, to meet the general security rules set out by the public health code, the "Informatique and Liberté” bill (Computing & Freedom) and the GDPR;
- Meeting the criteria required to receive a label or certification in these sectors;
- Encouraging your clients to follow their own good practice obligations in terms of health Information System security;
- Contributing to improving user data security, the image of health industrials, and client satisfaction.
PGSSI-S in 1 click
The PGSSI-S Documentation Corpus in 3 Steps
Step 1
Read the toolkits (opposability) and guides (recommendations) that apply to the product or service being developed or distributed
Step 2
Apply the requirements of the relevant toolkit and take into account the guides recommendations on your proposed product or service’s life cycle, from its conception to the end of its use.
Step 3
Should the product be eligible, apply for the Ségur label
Key service dates
Frequently Asked Questions
The ANS answers the most common questions about PGSSI-S
Generally speaking, the PGSSI-S needs to be applied as soon as personal health data are being handled. It is relevant to the public sector as well as the private sector, health professionals, workers of the social-health and social sectors, healthcare establishments and service providers.
As a patient, the PGSSI-S is a seal of guarantee on the accountability of digital health ecosystems.
Cette réponse vous a-t-elle été utile ?
Complying with the PGSSI-S frames of reference is either required by law (if the documents have been approved by a ministerial decree) or meant to be followed on a short-term basis until the documents are approved by the ministry.
Cette réponse vous a-t-elle été utile ?