Archives: France

Subscribe to France RSS Feed

France Launches Consultation on Regulation for Biometrics at Work  

The General Data Protection Regulation (GDPR) applicable since 25 May 2018 , modifies the legal rules on the use of  biometric data. The processing of biometric data for the purpose of “uniquely identifying a natural person”  is, as a matter of principle, prohibited under Article 9 GDPR . Amongst the authorised exceptions is the processing “necessary … Continue Reading

France Issues New Rules for the Accreditation of Health Data Hosting Services Providers

As some companies may have experienced already, the French Public Health Code (Article L.1111-8) requires that services providers hosting certain types of health/medical data (in French “hébergeurs de données de santé” or “HDS”) be accredited for this activity. The accreditation procedure is changing, effective 1 April 2018, from an authorisation procedure to a certification… Continue Reading

France’s Law to Accompany the GDPR and EU Directive Published

On December 13, 2017 the French Ministry of Justice published a draft law to accompany the implementation within France of the General Data Protection Regulation 2016/679 (GDPR) and the Directive 2016/680, governing the handling of data in law enforcement situations. The following are some of the noticeable change brought by the draft law with respect … Continue Reading

A New French Scientific Committee For Cybersecurity of Medical Device Software

The French  National Agency for Safety of Medicines and Health Products (Agence nationale de sécurité du médicament et des produits de santé or ANSM) has announced on its website in October 2017 the  creation of a  “temporary specialized scientific committee” (comité scientifique spécialisé temporaire CSST) on the cybersecurity of medical device software.… Continue Reading

The CNIL Publishes Compliance Pack for Connected Cars

On October 17, 2017, the French data protection authority, the CNIL, released a “compliance pack” for connected cars. This toolkit provides guidance to stakeholders on how to integrate data protection by design and by default into their production pipeline, enabling data subjects to have effective control over their data. Developed by the CNIL in consultation with … Continue Reading

Survey of the National GDPR Implementation Laws of Key Member States

While the GDPR compliance clock is ticking for companies, EU Member States have also been preparing for the implementation of the General Data Protection Regulation (“GDPR”) which will become enforceable on May 25, 2018. The GDPR will be directly applicable in all EU Member States without the need for implementing national laws. However, apart from … Continue Reading
LexBlog