Consolidated Statutes and Regulations Consolidated Statutes Consolidated Regulations Annual Statutes and Regulations Annual Statutes Annual Regulations Additional information Québec Official Publisher What’s new? Information note Policy of the Minister of Justice Laws: Amendments Laws: Provisions not in force Laws: Provisions brought into force Annual Statutes: PDF versions since 1996 Regulations: Amendments Annual Regulations: PDF versions since 1996 Court Decisions

M-19.2 - Act respecting the Ministère de la Santé et des Services sociaux

Section 5.2
Disposition versions

Full text
5.2. In exercising the functions of office under section 10.1 of the Act respecting the governance and management of the information resources of public bodies and government enterprises (chapter G-1.03), the health and social services network information officer shall define, in respect of the public bodies identified in subparagraph 5 of the first paragraph of section 2 of that Act, specific rules applicable to health and social information management that pertain, among other things, to
(1)  the governance framework for health and social information security management, and security guidelines;
(2)  the protection of confidential or personal information contained in information assets, and the confidentiality of the unique user identification number;
(3)  user and provider identity management and access authorization management with respect to information assets;
(4)  the physical and logical security of infrastructures, communications security and integrated security risk management and incident management;
(5)  the certification of supplier applications that allow access to health information governed by the Act respecting the sharing of certain health information (chapter P-9.0001);
(6)  the categorization of information and the means of authenticating a person’s identity, in accordance with defined degrees of trust; and
(7)  reporting by the persons in charge of information assets.
The specific rules come into force after being approved by the Conseil du trésor.
2012, c. 23, s. 149; 2017, c. 28, s. 21.
5.2. In exercising the functions of office under section 10 of the Act respecting the governance and management of the information resources of public bodies and government enterprises (chapter G-1.03), the health and social services network information officer shall define, in respect of the public bodies identified in subparagraph 5 of the first paragraph of section 2 of that Act, specific rules applicable to health and social information management that pertain, among other things, to
(1)  the governance framework for health and social information security management, and security guidelines;
(2)  the protection of confidential or personal information contained in information assets, and the confidentiality of the unique user identification number;
(3)  user and provider identity management and access authorization management with respect to information assets;
(4)  the physical and logical security of infrastructures, communications security and integrated security risk management and incident management;
(5)  the certification of supplier applications that allow access to health information governed by the Act respecting the sharing of certain health information (chapter P-9.0001);
(6)  the categorization of information and the means of authenticating a person’s identity, in accordance with defined degrees of trust; and
(7)  reporting by the persons in charge of information assets.
The specific rules come into force after being approved by the Conseil du trésor.
2012, c. 23, s. 149.
© Gouvernement du Québec