Healthcare data compliance in Europe

Hébergement de données de santé en Europe OVHCloud

Compliance for hosting healthcare data in Europe and HDS compliance in France

Personal healthcare data is particularly sensitive, and its confidentiality is rigorously governed in all European states, through the GDPR as well as local requirements.

We have in-depth expertise as a cloud solutions provider in this sector, and offer our customers a specific contract for hosting healthcare data which is applicable to a number of European countries.

Icons/concept/Page/Page Certificate Created with Sketch.
Strict contractual commitments

We offer contractual conditions that are specific to the healthcare sector. This includes specific security measures and guaranteed global availability commitments. The responsibilities shared between the customer and OVHcloud are explicitly listed, and subscription to Business or Enterprise level support is mandatory.

Icons/concept/padlock/padlock Closed Created with Sketch.
Global healthcare compliance for a number of European countries

We commit to follow regulatory obligations — the GDPR in Europe, and various legislations associated with healthcare data hosting in a number of countries, including France, Germany, the UK, Italy and Poland.

Icons/concept/Community Created with Sketch.
HDS certification for French patient data

The French Agency for Digital Healthcare (ANS) sets a rigorous framework for the practices associated with healthcare data hosting, and HDS certification is a mandatory requirement for it. OVHcloud received this approval in 2016, then received HDS certification in 2019 — so that all its Healthcare customers could benefit from this reassurance.

Prices of our healthcare-compliant products

Packs - with Business or Enterprise level support required Price per month
SDDC 16 (2 hosts each with 16 GB of RAM and 6 cores) $1,145.00 /month
SDDC 64 (2 hosts each with 64 GB of RAM and 10 cores) $2,805.00 /month
SDDC 128 (2 hosts each with 128 GB of RAM and 10 cores) $3,855.00 /month
SDDC 256 (2 hosts each with 256 GB of RAM and 20 cores) $6,321.00 /month
SDDC 512 (2 hosts each with 512 GB of RAM and 20 cores) $8,913.00 /month
vSAN 256 (3 hosts each with 256 GB of RAM and 20 cores) $11,039.00 /month
vSAN 512 (3 hosts each with 512 GB of RAM and 20 cores) $15,338.00 /month
Host With HDS certification
SDDC 16 $453.00 /month
SDDC 64 $1,283.00 /month
SDDC 128 $1,808.00 /month
SDDC 256 $3,041.00 /month
SDDC 512 $4,337.00 /month
vSAN 256 $3,600.00 /month
vSAN 512 $5,033.00 /month
Datastore Price per hour Price per month
2 TB $0.20 /hour $139.00 /month
3 TB $0.31 /hour $209.00 /month
6 TB $0.58 /hour $289.00 /month
9 TB $0.80 /hour $539.00 /month
18 TB $1.60 /hour $1,079.00 /month
36 TB $3.19 /hour $2,149.00 /month
Server - with Business or Enterprise level support required Price
mHG-2019 From $335.99 /month
FS-MAX From $446.99 /month
HG-2019 From $509.99 /month
BHG-2019 From $901.99 /month
Need help or information?

You can request a free callback from an OVHcloud adviser.

Datacentres that are HDS-certified and compliant for healthcare data hosting

Hosted private Cloud picture
Hosted Private Cloud

OVHcloud datacentres:

    Roubaix (RBX), France
    Strasbourg (SBG), France
    Beauharnois (BHS), Canada
    London (ERI), United Kingdom
    Frankfurt (FRA), Germany
    Warsaw (WAW), Poland
HG Dedicated server Picture
HG Dedicated Servers

OVHcloud datacentres:

    Roubaix (RBX), France
    Strasbourg (SBG), France
    Beauharnois (BHS), Canada
    London (ERI), United Kingdom
    Frankfurt (FRA), Germany
    Warsaw (WAW), Poland

Healthcare data solutions

What is HDS healthcare certification?

Both personal healthcare data and healthcare data solutions are particularly sensitive. They are a vital part of patients’ private lives, an important building block in the healthcare journey, and a useful tool for healthcare professionals. The regulator progressively defines the practices associated with rapid development of healthcare data solutions.

As a result, healthcare professionals, establishments and patients need to contact certified service providers for hosting personal healthcare data externally. Ministerial accreditation offers an additional guarantee in the ethical and financial domains, in terms of respecting patients’ rights and complying with data security regulations.

The legal framework for hosting healthcare data is based on article L.1111-8 of the public healthcare code, created by the Kouchner law (law n°2002-303 of 4 March 2002 relative to patient rights). Decree n°2006-6 of 4 January 2006 defines the accreditation conditions for healthcare data hosting providers using IT equipment. Its terms have been added to articles R.1111-9 onwards in the public healthcare code.

Currently, only our datacentres in France and Canada have HDS certification, but we will soon be receiving it for our datacentres in the UK, Germany and Poland.
 

Stronger collaboration between OVHcloud and healthcare professionals

With its Private Cloud Healthcare solution, OVHcloud provides an optimal infrastructure for hosting healthcare data solutions. This specially-designed solution comes with a strict responsibility shared with the data controllers, linked to the sensitivity of the services and the data hosted.

To achieve this, OVHcloud relies on a team of experts and a doctor specialised in hosting healthcare data. In addition to this, healthcare customers have access to the documentation they need to implement a secure and reliable healthcare information system.

We promise to ensure compliance with the legal and regulatory obligations in force, particularly with regards to personal data protection and healthcare data hosting. We also ensure that any service providers and processors are compliant. This commitment is reflected through the review of OVHcloud Healthcare customer contracts by a doctor from the hosting company, and the clause for customer audits outlined in the OVHcloud Healthcare Special Conditions.

OVHcloud maintains an increased level of security for healthcare data, in compliance with the very strictest legal and regulatory requirements in force. The measures we deploy are both organisational and technical. We focus particularly on data access control, high-level authentication, and the traceability of all operations carried out on the data. A confidentiality and security policy is formalised, implemented and evaluated.