HDS Certification – Health Data Hosting Compliance in France

HDS (Hébergeur de Données de Santé) certification ensures organisations hosting or processing French health data meet strict security, availability, and compliance requirements under the French Public Health Code. We help organisations implement and maintain HDS-aligned controls that protect sensitive healthcare information and meet regulatory obligations.

What is HDS?

HDS certification defines the requirements for securely hosting and processing French health data, ensuring organisations implement and maintain controls that meet the expectations of the French Public Health Code. It provides a structured approach for managing risks, applying appropriate security measures, and demonstrating compliance to regulators and healthcare partners.

The framework requires organisations to balance regulatory and operational obligations with practical security controls. A key part of this is defining the certified hosting activities and the related security measures, clarifying which controls apply, why they are needed, and how they address risks linked to sensitive health data.

Medical professionals standing together, one holding a tablet, another wearing a stethoscope, engaging in a discussion.

Why Choose Seratos for HDS?

  • Deep Healthcare Compliance Expertise

    We understand the specific legal and technical expectations of the French Public Health Code, ensuring your HDS approach aligns with real regulatory requirements.

  • Practical, Security‑ Focused Implementation

    We help you apply the exact controls needed for HDS certification in a way that fits your operational model without unnecessary complexity.

  • End‑to‑End Certification Support

    We guide you through scoping, documentation, audits, and ongoing improvements so you can achieve and maintain HDS compliance with confidence.

Work With Us

Our Comprehensive HDS Services

Low-angle view of tall skyscrapers in a city with overcast sky and fog obscuring their tops.

  • We design and implement the security measures required for HDS certification, ensuring your organisation can securely host and process French health data in line with regulatory expectations.

  • We document the HDS‑required security measures for your certified hosting activities, clarifying which controls apply, why they are needed, and how they address risks linked to French health data.

  • We perform independent HDS readiness reviews to evaluate your compliance level, identify gaps, and ensure you are fully prepared for the certification audit.

  • We guide you through the HDS certification audit by coordinating with the accredited auditor, preparing required evidence, and helping you respond effectively to any findings

  • We maintain and improve your HDS‑aligned controls over time, ensuring your certified hosting activities remain compliant as your systems, risks, and regulatory expectations evolve.

  • We build your team’s understanding of HDS requirements and strengthen the skills needed to operate and maintain compliant health‑data‑hosting practices.

Work With Us
Work With Us

Supported Standards & Frameworks

  • Logo of the International Telecommunication Union, with a world globe design behind large blue letters TSO and the date 2001 below.
  • Logo of the United Nations Organization for Standardization with the text 'ISO' and the number 42001.
  • Red logo of the International Organization for Standardization (ISO) with the text 'ISO' overlapping a globe, and the number '9001' below.
  • Logo of the International Organization for Standardization (ISO) with a globe and the number 13485.
  • Logo of the International Organization for Standardization (ISO) with the text 'ISO' and the number '22301', surrounded by a globe and the words 'International Organization for Standardization'.
  • A digital badge with a shield shape in shades of blue and purple, displaying the NIST logo, the words "National Institutes of Standards and Technology," and the acronym "CSF" at the bottom.
  • A badge with a dark blue background, light purple border, and the logo of the National Institutes of Standards and Technology (NIST). The badge has a check mark icon at the top and the text "NIST," "National Institutes of Standards and Technology," and "SP 800-171" on it.
  • Badge with a shield and circuitry design, inscription 'Certification' across the bottom, and surrounding text 'Cybersecurity Security Maturity Model' and 'Model'.
View All Our Supported Standards

HDS - Frequently Asked Questions

  • HDS certification verifies that an organisation securely hosts and processes French health data in compliance with the Public Health Code.

  • Any provider hosting, processing, or managing French health data on behalf of healthcare organisations must be HDS‑certified

  • Most organisations complete preparation and the audit process within a few months, depending on scope and maturity.

  • The audit evaluates your technical, organisational, and operational controls across the specific hosting activities you want certified

  • ISO 27001 alignment is expected, as HDS builds on its principles while adding healthcare‑specific requirements

  • HDS certification is valid for three years, with annual surveillance audits to confirm ongoing compliance.