: Specific to French laws - Does an HDS web hoster work like a normal web hoster with more security? I was unsure where I should ask my question as this is an international site, but I figured
I was unsure where I should ask my question as this is an international site, but I figured out here would be best.
I'm currently in an internship in a company where we use "gandi.net" as web hoster for our servers etc..., but my boss asked me to check whether it could be replaced by an "HDS" labeled hosting service because he heard about those recently and got interested by it.
The problem being after few searches to see what HDS meant I think it's a label that means the web hosting service is approved by government to be used as a hosting service to store medical data but it doesn't seem to target people who don't use any medical data currently.
As my boss was very vague about this (because he doesn't seem to know what those exactly are yet), I had one question I wanted to ask to someone who's familiar with the different web hosting services existing in France:
"Does an HDS web hoster work like a normal web hoster with more security? Or are there features that those HDS web hoster can't do that a 'standard' web hoster like gandi can?"
For reference here is on the French government website a list of those so-called HDS approved sites: esante.gouv.fr/services/referentiels/securite/hebergeurs-agrees To me they don't look like they can do the same things as gandi can and since our activity is far from this atm, I wanted to be sure.
I'm sorry if this was the wrong place to ask but I didn't know of many other places where I could ask open questions.
More posts by @LarsenBagley505
1 Comments
Sorted by latest first Latest Oldest Best
To answer your specific question the only difference between a standard web host and a HDS approved web host is that the HDS web host has gone through HDS approval through the French government. In effect it is to do with health data security. HDS approved hosts are authorised under the law to host health data related systems where a patients data is stored on the hosts network. The requirements are complicated but boiled down it is to do with physical access to the servers, electronic access to the data, data encryption, firewalls, virus protection, etc.
The key difference I can think off just of the top of my head between HDS and non HDS hosts would be around encryption of data with most web hosts not encrypting data. Most web hosts already adopt strict access controls for physical access to data floors, electronic access to machines, etc. In addition where the machines in question are physical or virtual servers as opposed to shared hosting servers generally the hosting provider doesn't have electronic access to the machine as the passwords are held by the customer and not the host.
Basically unless your boss has a business case for shifting hosting to a HDS approved host I would recommend talking him out of it as the hosting costs are generally higher given the costs of getting accredited in the first place and the relatively small number of approved HDS hosts compared to the overall number of hosts available.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.