Secure Health Messaging

Secure Health Messaging  is an electronic messaging system reserved for authorized health professionals. It is a “trusted space” reserved for health professionals, enabling them to exchange data in a dematerialized, secure and confidential way.

Interest of secure health messaging

The secure health messaging system aims to accelerate, strengthen and modernize exchanges between health professionals in the outpatient sector and health facilities. It represents an opportunity of gain, efficiency and productivity thanks to the reduction, or even the elimination, of mailings in paper form, the speed of transmission of information and documents, the time saved by the medical secretariats

Conditions for the implementation of secure health messaging systems

1- The messaging service must guarantee the identity of the sender and the recipient

Identification

For the creation of an email account, the controller is responsible for ensuring the identity of the end-user and his legal practice of the profession. This is why the controller must ensure that the access traces to email accounts can identify the natural person who accessed the application or organizational account.

Authentication

For health professionals, authentication must be done by means of a health professional card or an equivalent device approved by the body issuing the health professional card ;

For other authorized professionals, the end user must authenticate strongly, that is, by a process that requires at least two distinct authentication factors from what is known (a password for example), what we have (for example a smart card or an electronic certificate) and a characteristic of our own (for example a fingerprint).

2- The messaging service must ensure the security of messages and attachments

The system must ensure the security of messages and attachments, including the confidentiality and integrity of the data during their transfer between the authorized professionals’ station (the end user-sender and the end-user-recipient).

For this purpose, the use of encryption means in accordance with ANSSI recommendations to secure the transfer of messages and attachments is mandatory.

3- The secure health messaging service must ensure the secure storage of messages and attachments

When the treatment manager develops the secure health messaging device by himself and keeps the secure health messaging servers on his own, he is obliged to put in place the appropriate organizational and technical means.

On the other hand, when the controller is using a secure health messaging service developed and provided by a provider, he must ensure that the provider complies with all the provisions governing the use of the secure health messaging service.

Existing health secure messaging solutions

Several secure health messaging solutions like ProMess, Mailiz, and ApicryptV2 are now on the market. Some Hospitals have also developed their own secure health messaging service. This is the case of, for example, Poitiers, Limoges and Bordeaux hospitals.

A propos de Rockib ASSANI

Juriste titulaire d'une maîtrise en droit des affaires et carrières judiciaires, mon ouverture d'esprit et ma passion pour les NTIC m'ont conduit à l'Université de Strasbourg où je suis actuellement une formation en droit de l'économie numérique (notamment les données personnelles et la cybersécurité comme domaine d'intérêts).

Vous aimerez aussi...

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.