5.2. In exercising the functions of office under section 10.1 of the Act respecting the governance and management of the information resources of public bodies and government enterprises (chapter G-1.03), the health and social services network information officer shall define, in respect of the public bodies identified in subparagraph 5 of the first paragraph of section 2 of that Act, specific rules applicable to health and social information management that pertain, among other things, to
(1) the governance framework for health and social information security management, and security guidelines;
(2) the protection of confidential or personal information contained in information assets, and the confidentiality of the unique user identification number;
(3) user and provider identity management and access authorization management with respect to information assets;
(4) the physical and logical security of infrastructures, communications security and integrated security risk management and incident management;
(5) the certification of supplier applications that allow access to health information governed by the Act respecting the sharing of certain health information (chapter P-9.0001);
(6) the categorization of information and the means of authenticating a person’s identity, in accordance with defined degrees of trust; and
(7) reporting by the persons in charge of information assets.
The specific rules come into force after being approved by the Conseil du trésor.
2012, c. 23, s. 149; 2017, c. 28, s. 211.