France's data protection authority, the Commission nationale de l'informatique et des libertés, issued three standards related to the health sector and patient data. One standard will help apply EU General Data Protection Regulation principles to sensitive data used toward medical and administrative management, while the other two aim to help manage data retention in the health and health research sectors. With the retention standards, the CNIL published a guide to help navigate the new standards.
Benchmarking Reports
- Reference for retention periods in the non-research health sector
- Repository of retention periods in the field of health research
- Standards relating to the processing of personal data for medical and paramedical practices
Additional Guidance
Approved