Health Data Host (HDS) for SaaS Cloud Services

Table of remote access and data transfers

This page sets out the scope of Oracle SaaS Cloud Services that may support French health data hosting services under the health data hosting (HDS) framework published by the French ASIP Santé (HDS Certification - Certification framework requirements and controls, dated May 23, 2018 and updated on April 26, 2024).

The HDS Certification of Oracle SaaS Cloud Services is a regulatory requirement for hosting and/or processing of health data for French customers. The specifications for certification are based on:

  • ISO/IEC 27001:2022; and
  • other specifications for hosting of French customers’ health data, such as the Public Health Code - Article R.1111-11.

1. The following table provides the details of hosting and processing activities delivered by Oracle SaaS Cloud Services for French customers:

Business name of the actor: Oracle SaaS Fusion Application
Role in the hosting service (Host/processor of the Host): Host
HDS certified (yes / no / exempted): Yes
SecNumCloud 3.2 qualified: No

Hosting activities in which the player is involved: Infrastructure provisioning, processing, storing and securing Fusion application data in OCI commercial regions.

Activities carried out per HDS section 3.1.4:
  • The provision and maintenance in operational condition of the platform for hosting information system applications (HDS activity 4).

Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): Yes. Remote access to provide customer support, patching and maintenance services by Oracle employees from non-EEA countries US, UK, India and Australia.
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU law (Requirement no 30 of the HDS framework): Yes. Oracle applies safeguards such as break glass, anonymization, pseudonymization, data masking and truncation controls to limit Oracle's access to customer data.

Hosting activities in which the player is involved: Infrastructure provisioning, processing, storing and securing Fusion application data in restricted European cloud regions.

Activities carried out per HDS section 3.1.4:
  • The provision and maintenance in operational condition of the platform for hosting information system applications (HDS activity 4).

Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): No. Remote access to provide customer support, patching and maintenance service by Oracle employees from countries within European Economic Area only.
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU law (Requirement no 30 of the HDS framework): No. Oracle provisions its services from delivery locations globally as per the applicable data center region.

2. The following table provides the details of hosting activities of providers supporting Oracle SaaS Cloud Services for French customers:

Business name of the actor: Oracle Cloud Infrastructure
Role in the hosting service (Host/processor of the Host): Infrastructure service provider for Fusion Application in commercial and restricted European regions
HDS certified (yes / no / exempted): Yes
SecNumCloud 3.2 qualified: No

Hosting activities in which the player is involved: Provide core infrastructure service for Oracle SaaS Fusion Application

Activities carried out per HDS section 3.1.4:
  • The provision and maintenance in operational condition of physical sites for hosting the hardware infrastructure of the information system used to process the health data (HDS activity 1);
  • The provision and maintenance in operational condition of the hardware infrastructure of the information system used to process the health data (HDS activity 2);
  • The provision and maintenance in operational condition of the virtual infrastructure of the information system used to process the health data (HDS activity 3);
  • The provision and maintenance in operational condition of the platform for hosting information system applications (HDS activity 4);
  • Backing up health data (HDS activity 6).

Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): No
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU law (Requirement no 30 of the HDS framework): No. Oracle Cloud Infrastructure customers can select a default data region, depending on available regions for those services.

3. The following subprocessors may be used for processing health data of French customers:

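Business name: Akamai Technologies, Inc.
Role in the hosting service (Host/processor of the Host): Sub-Processor
HDS Certification (yes/no/exempted): No
SecNumCloud 3.2 qualified: No
Hosting activities in which the player is involved: CDN Services, Content Delivery Network
Oracle SaaS Application: Fusion ERP, HCM, CX/CRM, SCS, EPM.
Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): No. The subprocessor is optional and disabled by default for EU customers. The subprocessor can be activated only on a customer request. Processing locations.
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU Law (Requirement no 30 of the HDS framework): No

Business name: OpenAI
Role in the hosting service (Host/processor of the Host): Sub-Processor
HDS Certification (yes/no/exempted): No
SecNumCloud 3.2 qualified: No
Hosting activities in which the player is involved: Large Language Models (LLM) via API calls.
Oracle SaaS Application: Fusion ERP, HCM, CX/CRM, SCS.
Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): No. The subprocessor is optional and disabled by default for EU customers. The subprocessor can be activated only on a customer request. Processing locations.
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU Law (Requirement no 30 of the HDS framework): No

Business name: Rchilli, Inc.
Role in the hosting service (Host/processor of the Host): Sub-Processor
HDS Certification (yes/no/exempted): No
SecNumCloud 3.2 qualified: No
Hosting activities in which the player is involved: Resume Parse services.
Oracle SaaS Application: Fusion HCM
Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): No. The subprocessor is optional and disabled by default for EU customers. The subprocessor can be activated only on a customer request. Subprocessing activities are hosted on OCI. Processing locations.
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU Law (Requirement no 30 of the HDS framework): No

Business name: Twilio, Inc.
Role in the hosting service (Host/processor of the Host): Sub-Processor
HDS Certification (yes/no/exempted): No
SecNumCloud 3.2 qualified: No
Hosting activities in which the player is involved: SMS aggregator.
Oracle SaaS Application: Fusion ERP, HCM, CRM.
Access to personal health data from countries outside the European Economic Area, by the Host or one of its processors (Requirement No 29 of the HDS framework): No. The subprocessor is optional and disabled by default for EU customers. The subprocessor can be activated only on a customer request. Processing locations.
Host or processor subject to a risk of access to personal health data from countries outside the European Economic Area, imposed by the legislation of a third country in breach of EU Law (Requirement no 30 of the HDS framework): No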

Remote access for services such as troubleshooting and maintenance may be provided by Oracle SaaS Cloud Services employees in certain non-EEA countries, including the US, UK, India, and Australia, depending on customer instructions. While the US and UK benefit from an adequacy decision by the European Commission, Oracle has an intra-company data transfer and mandate agreement for countries like India and Australia in addition to processor Binding Corporate Rules (BCR). This agreement outlines the privacy and security practices applied between Oracle Corporation and its affiliates when processing and transferring personal data for Consulting, Advanced Customer Services, Technical Support, and other services to their customers and customer affiliates. Moreover, they are included within Oracle SaaS Cloud Services ISO 27001:2022 certification and follow centralized ISMS processes.

The data sovereignty provisions outlined in HDS version 2.0 require that health data be stored exclusively within the European Economic Area (EEA). Customers are responsible for assessing and ensuring their own compliance obligations, including those arising from HDS version 2.0.