Javascript is required
logo-dastralogo-dastra

GDPR Data processing modelHealthcare data processing via secure messaging

By: Ludwig Karneth
HealthPublic
The purpose of this processing is to exchange health data using a secure health messaging service between authorized professionals.

Purposes (1)

A purpose is the objective pursued by the setting up of your file. It indicates what the processing of personal data will be used for, its purpose. This purpose must be clear and understandable

1
Exchange health data using a secure health messaging service between authorized professionals
Exchanges between - the shared directory of healthcare professionals (RPPS), - the ADELI directory (Automatisation des listes) - the FINESS directory (Fichier d'identification nationale des établissements sanitaires et sociaux). - the SIRENE directory (Système Informatique pour le Répertoire des Entreprises et de leurs Établissements)
Public interest

Data categories (3)

Personal data is any information relating to an identified or identifiable natural person. A natural person can be identified either directly (eg surname and first name) or indirectly (eg phone number, social security number, email or postal address, but also voice or image)

Data relating to the persons concerned by the data exchanged

Data details

State de santérequiredsensitive data
Emailrequired
phone numberrequired
Addressrequired
Social Security Numberrequiredsensitive data
Genderrequired
Date and place of birthrequired
first and last namerequired

Data conservation rules

Active base:

Period of activity of these professionals. Deletion of mailboxes in the event of complete inactivity, characterized by the absence of user authentication for a maximum period of one year. Technical traces are kept for 1 year.

Data of people in charge of equipment and software administration

Data details

Natural person identifierrequired
Function required
Name and surnamerequired

Data conservation rules

Active base:

Period of activity of these professionals. Deletion of mailboxes in the event of complete inactivity, characterized by the absence of user authentication for a maximum period of one year. Technical traces are kept for 1 year.

Data relating to authorized professionals

Data details

Traces of actions on messagingrequired
Cookiesrequired
IP addressrequired
Secure health messaging addressrequired
professional titlerequired
Emailrequired
phone numberrequired
Data relating to means of authenticationrequired
Registration number for the shared directory of healthcare professionalsrequired
Name and surnamerequired

Data conservation rules

Active base:

Period of activity of these professionals. Deletion of mailboxes in the event of complete inactivity, characterized by the absence of user authentication for a maximum period of one year. Technical traces are kept for 1 year.

Data subject (3)

A data subject is any person whose data is collected, retained or processed by the data processing. e.g. In a recruitement process, any candidate for a position proposed in recruitement management process

  • Patients
  • Other
  • Healthcare Professionals
Author:
Ludwig Karneth
Ludwig Karneth
Created at:07/08/2023
Updated on:00/01/1970
License: © Creative commons :
Attribution / Pas d'utilisation commerciale
CC-BY-NC AttributionPas d'utilisation commerciale
Nb using:2

Access the full processing template

Try Dastra now to access all of our data processing templates that you can customize for your organization.It's free and there's no obligation for the first 30 days (no credit card required)

Add to my data processings record
Subscribe to our newsletter

We'll send you occasional emails to keep you informed about our latest news and updates to our solution

* You can unsubscribe at any time using the link provided in each newsletter.