Digital Health Agency protects sensitive information with Nexus PKI
The Digital Health Agency, or Agence du Numérique en Santé (ANS), is a French government agency responsible for digital transformation in the healthcare sector.
Digital transformation for healthcare has a wide-reaching impact on both, healthcare providers and patients. To promote extensive adoption of the transformational measures, ANS works with stakeholders across health, social, and medico-social sectors, in the private and public arenas.
One of the main objectives of ANS is the development and regulation of eHealth. It works to establish clear frameworks and best practices to facilitate secure exchange of health data. Additionally, ANS supports eHealth projects across France to enable professionals and users to benefit from innovation and digital change. The agency also assists government authorities in conducting digital projects of national interest such as MSSanté, SI-Samu, Santé.fr, etc.
IN Groupe is a long-standing, trusted provider of healthcare professional cards known as Carte de Professionnel de Santé (CPS). CPS, and its mobile version eCPS, allow users to securely authenticate themselves so that only authorized personnel can access sensitive national healthcare data and applications. User identification is done based on PKI technology that issues and manages digital certificates for CPS cards.
To ensure forward compatibility with the technological developments, there was a need at ANS to migrate to a new, future-proof PKI solution.
A major challenge with the migration was to implement the exact same Root CA, Intermediate CA, and certificate templates as with the older solution to ensure a smooth transition. “Nexus’ agile PKI solution made it possible for us to meet all the requirements with this upgrade. We were also able to migrate 8.2 million existing certificates to the newer system which guaranteed near-zero impact for the end-users”, says Fabrice Mallevaey, Program Manager at IN Groupe.
At ANS, the Nexus solution is used for digital certificate-based user authentication and digital signatures as well as to issue and manage TLS server certificates. Nexus PKI also offers real-time validation of digital certificates with its OCSP (Online Certificate Status Protocol) component, thus allowing the customer to adopt a more efficient alternative to CRLs.
“The technical expertise and professionalism of the project team made sure that the migration was successful and delivered on time. Since the upgrade, we have been able to successfully achieve the expected volume of issuing 1 million certificates each year, with 2.5 million validations requests carried out each week,” adds Fabrice Henriot, Program Director at ANS.
Nexus PKI, powered by the Certificate Manager, is an easy-to-scale, high-security platform for issuing, managing, and validating certificates for consumers, citizens, employees, communication services, software, and equipment. Compliance with standards assures that eIDs can be used across networks and applications from different vendors in a large-scale federated environment. The comprehensive solution is designed for diverse workforce, IoT, and trust service provider use cases.