What you should know about our standard on digital safe boxes


What is a digital safe box?

A digital safe box differs from a simple storage space in that the data stored in it (documents and some meta data) is accessible only to the holder of the safe box and to any persons whom he/she may have mandated.

What is the point of the digital safe box privacy seal?

The privacy seal certifies the quality of service of the digital safe box and its respect for the confidentiality and integrity of the data stored in it.

What do we mean by "operator" of the digital safe box?

The operator is the person or entity that implements a digital safe box.

It ensures the operational functioning of the system and the related security measures.

It also assumes the role of service provider to individuals and may make the request for the certification in its name.

What do we mean by "supplier" of the digital safe box?

The supplier of the digital safe box service is the legal entity that offers this service to users who are natural persons.

Who can apply for the digital safe box privacy seal?

Service providers who implement a digital safe box service (operators) or offer one to users (suppliers) may apply for the privacy seal. The request may therefore be made jointly by the operator and its customer (the supplier).

If it performs the role of supplier of the service to private individuals, the operator alone may make the request for the privacy seal in its name.

What is meta data?

Meta data is data that is used for describing or managing stored documents. Only meta data created by the user and related to a document (such as the document name) is covered by the CNIL's standard.

Are all of the requirements mandatory?

Yes, the 22 requirements are cumulative.

Do all of the requirements relate both to the operator and the supplier?

No, not all. Some requirements apply both to the operator and the supplier, but some of them are the responsibility of one or the other.

The requirements of the "Digital safe box" standard relating to both the operator and the supplier are the following: ED 01, ED 02, ES 02 (if the operator is not a health data hosting service provider and if it manages the client interface), ES 03 (if the operator manages the client interface), ES 04, ES 06, ES 13 (but mainly the operator), ES 15 (for the notification procedure part only), ES 18 (if the supplier manages the client interface), ES 20 (if the choice of the authentication mechanism is left to the operator).

What are the requirements incumbent upon the operator alone?

The requirements incumbent only on the operator are the following: ES01 (if the operator is indeed the one who manages the client interface), ES02 (if the operator is a health data hosting service provider, in which case it must provide its accreditation to the CNIL), ES05, ES07, ES09 to ES12, ES14, ES16 to ES20 (ES18 if the operator manages the client interface alone; ES20 if the supplier does not have the choice of the authentication mechanism).

What are the requirements incumbent only on the supplier?

The requirements relating only to the supplier are the following: ES01 (if the supplier manages the client interface), ES02 (if the operator is not a health data hosting service provider and if the supplier manages the client interface alone), ES03 (if the supplier manages the client interface alone), ES08, ES15 (for the letter sent to the user).