HDS - Health Data Hosting
HDS - Health Data Hosting
HDS (Hébergement de Données de Santé) certification is mandatory in France for any host of personal health data. It guarantees a high level of security and confidentiality for medical data.
What is HDS certification?
HDS certification is issued by accredited organizations and certifies that the host meets the security requirements defined by the French Public Health Code (article L1111-8).
Who is affected?
Any organization hosting personal health data on behalf of healthcare professionals or healthcare institutions must be HDS certified:
- Cloud hosts
- SaaS providers (medical software, patient records)
- Data centers hosting healthcare applications
Certifiable activities
HDS certification covers several activities:
- Provision of physical infrastructure
- Provision of virtual infrastructure
- Administration and operation of infrastructure
- Outsourced backup
- Data restoration
- Electronic archiving
Security requirements
- Traceability: Logging of access and operations
- Physical security: Protection of premises and datacenters
- Logical security: Access control, encryption, isolation
- Business continuity: Recovery and backup plans
- GDPR compliance: Protection of personal health data
Validity and renewal
HDS certification is valid for 3 years and is subject to regular surveillance audits.
Official resources
Certified Providers
These providers hold this certification according to the directory data.