Genesys is committed to respecting the security and privacy of your information and your customer’s information, including personal health data in the cloud. As part of this commitment, Genesys Cloud has undergone an independent third-party audit to achieve the Hébergeur de Données de Santé (HDS) certification. The HDS certificate validates that Genesys Cloud ensures data confidentiality, integrity, and availability to our customers and partners.
What is HDS?
The Hébergeur de Données de Santé (HDS) is a French Law that governs the health data of French citizens.
HDS certification aims to strengthen the protection of personal health data and to build an environment of trust around eHealth and patient monitoring.
It is based on benchmarks including compliance with ISO standards and allows certification to be issued by an accredited independent body to any structure or organization hosting health data.
Personal health data is sensitive data. Their access is regulated by law to protect the rights of individuals. The hosting of this data must therefore be carried out under security conditions adapted to their criticality. The regulations define the terms and conditions expected.
What is the scope of the HDS certification?
As per the Shared Responsibility Model, AWS, as our Physical Infrastructure Provider provides the certificate for the provision of physical hosting and physical infrastructure activities.
The compliance for activities 1 and 2 are inherited from AWS:
- Provision and maintenance in operational condition of physical sites for hosting the hardware infrastructure of the information system used to process the health data
- Provision and maintenance in operational condition of the hardware infrastructure of the information system used to process the health data
Genesys Cloud CX achieved HDS certification in the following areas:
- Provision and maintenance in operational condition of the platform for hosting information system applications
- Provision and maintenance in operational condition of the virtual infrastructure of the information system used to process the health data
- Management and operation of the information system containing the health data
- Backup of the health data
Is Genesys Cloud HDS-certified?
Genesys Cloud CX is HDS-certified through an independent audit which verified our administrative, physical, and technical controls.
What about AppFoundry applications, third-party integrations, and bring your own technology service providers?
Genesys Cloud cannot guarantee that third-party providers are HDS-certified. The HDS certificate does not extend beyond Genesys Cloud CX.
Generally, if you are using a third-party technology to communicate protected health information to or from Genesys Cloud, you must ensure that the third-party technology provider is HDS-certified.
Where does Genesys Cloud support HDS?
Is Amazon Web Services (AWS) HDS-certified?
Yes. AWS has achieved HDS certification. Details can be found on AWS Artifact.
What is different in Genesys Cloud with HDS compliance?
Genesys Cloud provides HDS-compliant organizations the same user interface and user experience as non-HDS compliant organizations. The standard French language option is available to HDS and non-HDS customers.
- Genesys Cloud provides the same high level of security to all organizations. HDS-compliant organizations and non-HDS compliant organizations are equally secure.
- The standard terms & conditions are available in French for customers that require HDS compliance, with an added Health Data Hosting Schedule, which includes HDS requirements, such as the obligation for customers to provide contact details to Genesys for the person responsible for health data in their organization.
How do I sign up for Genesys Cloud with HDS compliance?
Inform Genesys at the earliest opportunity if HDS compliance is required, contact us. This is usually achieved as early as the RFI process.
Can I enable HDS compliance on an existing Genesys Cloud organization?
If you need to enable HDS compliance, contact us.
Do I have any responsibilities for using Genesys Cloud in a HDS-compliant manner?
Genesys Cloud customers:
- Must inform Genesys that HDS compliance is required. This information is stored as part of the customer’s profile.
- Must provide contact details for the person that Genesys must notify in the event of a health data breach and notify Genesys of any changes to the point of contact.
- Must use the HDS contract, which is the standard Genesys Cloud Services terms and conditions, translated into French, with an added Health Data Hosting Schedule.
- Must sign the certificate of compliance with the General Security Policy for Health Information Systems (PGSSI-S).
For more information, contact us.