No matter the type of data you need to host—even if it is not subject to specific regulations—you can rely on our infrastructure to store it with the highest level of security.
ISO 27001 standards are applied across all our Cloud and Telecom perimeters, ensuring that your data is protected even during transit to your platforms.
D-Lake provides hosting in datacenters across the European Union as well as in Switzerland, for companies requiring guaranteed data localization.
D-Lake is your ISO27001 & HDS* certified partner, providing a sovereign cloud hosted in data centers located in France, close to your infrastructure.
* HDS (Hébergeur de Données de Santé) is the french equivalent of HIPAA
ISO 27001 is an international standard for information security, providing a framework for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS).
It focuses on risk assessment, the implementation of security controls, and continuous improvement. This standard helps protect sensitive information, ensure compliance with international regulations, and strengthen stakeholder trust.
ISO 27001 also provides a competitive advantage by reducing costs associated with incidents or cyberattacks and improving overall operational efficiency compared to competitors.
HDS is a French certification framework ensuring the security, confidentiality, integrity, and availability of health data hosted by external providers. It is roughly equivalent to the US HIPAA standard but HDS is built upon ISO27001 standard.
It requires strict security measures, risk management, and regulatory compliance, including ISO27001 and GDPR.
The HDS certification strengthens the trust of patients and healthcare professionals, helps ensure compliance with legal requirements, and can provide a competitive advantage to certified providers.
According to the HDS standard, health data is any piece of information related to the physical or mental health of an identified individual, including medical records, test results, diagnoses, treatments, and genetic data.
This can also include information about well-being or lifestyle habits.
The protection of this data is crucial and requires strict security measures due to its sensitivity and its potential to reveal private and intimate information.
The HDS standard mainly applies to entities and service providers that host health data.
The main categories concerned are :
1 – Health Data Hosting Companies: Companies that provide services based on health data and require the storage of this data. For example, an analysis laboratory or a prosthetics provider falls into this category.
2 – Healthcare Facilities: Hospitals, clinics, and other care institutions that outsource the hosting of their health data.
3 – IT Service Providers: Companies specializing in IT that offer hosting or management solutions for health data on behalf of third parties.
4 – Health Technology Startups and Companies: Any company developing applications or services that use health data and require secure hosting.
5 – Research Organizations: Institutions and medical research laboratories using and storing sensitive health data.
In summary, the HDS standard applies to any organization that hosts, processes, or accesses health data, ensuring compliance with strict security and regulatory requirements.
The Regulatory and Legislative Framework of the HDS Standard includes:
1 – French Data Protection Act (Loi Informatique et Libertés, 1978, amended in 2018): Protects personal data in France.
2 – General Data Protection Regulation (GDPR): European regulation governing the processing of personal data.
3 – Public Health Code: Specifies the conditions for hosting health data, notably Articles L.1111-8 and following.
4 – Decree No. 2018-137 of 26 February 2018: Details the conditions for certifying health data hosts.
5 – Order of 6 January 2006: Establishes the accreditation conditions for health data hosts.
© D-LAKE