Our certifications

certifications

Euris Health Cloud is certified for Healthcare Data Hosting (HDS) & ISO 27001

Euris Health Cloud is certified for Health data infrastructure hosting activities and managed services, which consists in secure hosting and managing services in its datacenters and in hybrid cloud (for instance in AWS and MS Azure datacenters) of personal health data, collected or produced by editors, services providers or patients.

More precisely, Euris Health Cloud achieved certification in the following areas:

The provision and maintenance in operational condition of physical sites for hosting the hardware infrastructure of the information system used to process health information.

The provision and maintenance in operational condition of the hardware infrastructure of the information system used to process health information.

The provision and maintenance in operational condition of the virtual infrastructure of the information system used to process health information.

The provision and maintenance in operational condition of the platform for hosting information system applications.

The management and operation of the information system containing health information.

The backup of the health information.

This is in accordance with the statement of applicability v1.1 of 15/04/2019

HIPAA compliance (USA)

HIPAA (Health Insurance Portability and Accountability Act) is a US federal law related to privacy and protection of physical health information (PHI). Adopted in 1996, it has been completed several times, as in 2009 with HITECH (Health Information Technology for Economy and Clinical Health) and in 2013 with the Finale Omnibus Rule, creating new obligation such as shared liability or data breach notification.

The purpose of this legislation, commonly known as HIPAA, is to ensure that health providers, as well as companies working with them, are aware of the importance of health data and have an environment that is conducive to their protection, both at the level of privacy and security. It also recognizes a shared responsibility between Cover Entities and their Business Associates, and also with their Subcontractors. That’s why the use and disclosure of this data are defined by this legislation.

One of Euris Health Cloud’s priorities is to maintain our various conformities in order to meet the demands of our customers.

This is why we regularly realize risk analysis and privacy impact assessments, to ensure that we are continuously in compliance with legal and technical frameworks we are subject to as a health data service provider.

Thus, Euris Health Cloud complies with the provisions imposed by the HIPAA, both in terms of “Privacy” (strictly controlled use of personal health data, no unauthorized disclosure, respect for confidentiality, limited access to a certain number of people only for cases defined by law or contract, etc.) than “Security” (“Physical, Administrative and Technical safeguards” above, in addition to “HDS” (Hébergement de Données de Santé – “Health Data Service Provider) French law and ISO / CEI 27001 security standards).

CSL compliance (China’s Cybersecurity Law)

The Cybersecurity Law of the People’s Republic of China was officially implemented on June 1, 2017. The CSL is an evolution of the previously existent cybersecurity rules and regulations from various levels and fields, assimilating them to create a structured law at the macro-level.

The Cybersecurity Law also provides elaborate regulations and definitions on legal liability. For different types of illegal conduct, the Law sets a variety of punishments, such as fines, suspension for rectification, revocation of permits and business licenses, and others.

Although the new Cybersecurity Law is not a centralized law that regulates all aspects of data and privacy protection across all businesses, it gives clearer legal guidance on the issues related to cybersecurity and privacy protection in China.

china cybersecurity law logo

REQUEST THE COMPLETE CERTIFICATION FILE BY COMPLETING THE FORM BELOW

    By clicking this button, you consent the information collected on this form is recorded in a file computerized by Euris for the management of its customer relationship. Euris can inform you of its activities on an ad hoc basis or invite you to its events. In accordance with the French Law No. 78-17 of 6 January 1978 and the European Data Protection Regulation, you have the right of access, rectification and object the processing of your data, as well as the withdrawal of your consent at any time. For further information, please check our Privacy Policy.

    certification