Health Data Security Referential (RSDS)

The SNDS sets constraints applicable to hosting health data and making it available. CASD has already integrated the referential into its daily procedures and its handling of access requests.

CASD is applying for ISO 27001 certification, which mostly overlaps with the health data referential (RSDS).

Furthermore, CASD carried out an exhaustive risk analysis (492 pages) covering every possible item on security, physical or otherwise. Countermeasures, most of which were already implemented, were formalized to limit security risks.

Although the RSDS does not make session recording mandatory, CASD is currently putting it in place for health data and has made the necessary investments to capture and store interactive actions from user sessions so as to ensure traceability.

Here is the table describing CASD’s compliance with the RSDS:

RSDS | CASD
Risk analysis | Carried out exhaustively for “medical files”
Impact study | Same as risk analysis
Implementation | Completed
Testing | Completed
Labelling | To be done with the person in charge of processing
IT monitoring and follow-up | Completed

Externalisation
Risk analysis | Completed, detailed risk analysis
PGSSI | OK
Audit modalities | OK – synthesis can be supplied on demand
Export | OK – only towards RSDS
Awareness raising | OK – enrolment sessions and contracts; awareness raising and training for administrators

Access modalities
Availability | 24/24, 7/7
Access from an internal work station (PSSI-MCAS) | Dedicated SD-Box™; the SD-Box™ has a dedicated use that is subjected to a high level of security
Data output | A priori or a posteriori verification of outputs with traceability and accountability (integrity by encryption); Code of Good Practice of European Statistics
Data integrity | The user only has read access to source data (no editing or other type of access authorized)
Admin access | Users and administrators have no internet access; SD-Box™ guarantees the Bubble’s isolation

Identification and authentication
Identification | Physical identification
Authentication | Certification, access card, biometrics; authorization number 2014-369 by the French authorities (CNIL)

Traceability
Authentication | Strong: certification, access card, biometrics
Role and authorization management | OK, centralized by a directory
User referential | OK – Secure dedicated software
Resource referential | OK – Secure dedicated software
Role and authorization referential | OK – Secure dedicated and synchronized software
Shared dating | OK – Dedicated infrastructure
Tracing back | OK, session record
Specific documentation | OK
Trace logs: access, outputs, data matching, and admin operations | OK, technical traces; the need to trace can be arbitrated upon according to the risk

Surveillance
System response time | OK
Elevation of rights | OK – Audited regularly
Unauthorized output | OK – Audited regularly and traceability
Unauthorized access to SNDS resource | OK – Audited regularly
Unusual modification of source data from the SNDS | OK – Read-only
Excessively large output | OK – Audited regularly
Incident handling | OK – See “palier 3 imputabilité”
Time-stamping | OK – Dedicated and recorded procedure
Regular audits | OK – At minimum, annually
Authorisation review | OK – At minimum, annually
Access rights | If possible technically (excluding anonymisation)