The client
MARTI is a medical application designed to improve care for allophone patients in emergency situations.
Of the 22 million emergency room visits in France every year, between 5% and 10% involve allophone patients (i.e. non-French speakers) or those with language disorders (deaf-mutes, dysarthria, aphasia, etc.).
Every year, more than a million patients are at risk of being mismanaged in the emergency department, with all the consequences that this entails.
With the MARTI application, these patients can now carry out their own anamnesis (i.e. answer questions about their history, allergies, symptoms, social situation, etc.), using questions translated into their mother tongue and pictograms that make the questions easier to understand.
The application automatically generates a report translated into French, enabling doctors to take immediate charge of the patient.
Our service
This application is intended for use in hospitals to facilitate the work of nursing staff. However, such a healthcare application is bound to handle (collect, store, process, share) a very large amount of personal and sensitive data.
MARTI's priority was to bring their application to market. A very specific action plan was therefore put in place to support MARTI in bringing their application into compliance, for rapid market launch.
In this context, priority was given to the PIA (Privacy Impact Assessment). The CNIL defines a PIA as a tool for building a GDPR-compliant and privacy-friendly processing operation, when a personal data processing operation is likely to result in a high risk to the rights and freedoms of data subjects. This is the case with health data: when health data loses confidentiality, the impact on the privacy of the people concerned is strong.
A PIA is an in-depth analysis carried out on a single data processing operation. This analysis covers all aspects of security and protection of individual privacy in relation to this specific processing, with the aim of identifying all areas requiring improvement.
The specifics of this project
The specificity of this project lies mainly in the sensitive nature of the data processed by healthcare establishments, and therefore by the MARTI application, which is used in the hospital environment.
Healthcare establishments (hospitals, Ehpad) and professionals developing connected healthcare solutions are, like all professionals, responsible for the security of the data they process.
Failure to meet these obligations has legal, financial, human and/or reputational consequences.
However, the sensitive nature of the health data concerned here means that the consequences of a data breach can be all the more significant. Indeed, when health data loses its confidentiality, it can expose the person concerned to very strong stigma in professional and/or personal circles. This has a major impact on privacy (as in the case of personal data concerning certain illnesses or infections, for example).
The MARTI application project is therefore a perfect illustration of CyberSecura's experience in the protection of healthcare data, and of our commitment to compliance for players in this field.