NextMotion is committed to guaranteeing to your patients full control and confidentiality of their data, and allow you to retrieve it at any time.
NextMotion commits to never sell your patients’ medical data, nor to use it for advertising purposes: it is only used to manage your practice population and consultations.
NextMotion commits to put all its efforts into guaranteeing the security of this data by storing it in HDS (personal data hosting) certified hosting companies.
Nextmotion is an ecosystem based on a medical cloud which allows you to sort, store and access your data wherever you are. In that sense, all your data is covered with the highest requested security level as it is hosted in France on servers authorized by the Haute Autorité de Santé (French Health Authority) - in our case, AWS who is certified.
In early 2018, we proceeded with an audit with a law firm specialized in the protection of personal data which are collected as part of using our solution. This audit allowed us to upgrade our tools in order to comply with the GDPR regulation which came into force on May 25, 2018.
As part of the steps we took to be compliant, allowing us to reach the highest level of certification, we set up a partnership in February 2020 with COREYE, a company which manages the data collected by our solution, thus allowing us to guarantee our infrastructure safety to our clients.
Last update : 15th February 2020 - 5:10pm
We were informed on January 27, 2020, that a cybersecurity company had undertaken tests on randomly selected companies and had managed to access our information system.They were able to access and extract media (videos and photos) from some of our patients’ files. These media are stored in a specific database separated from the patients' personal data database (names, birth dates, notes, etc) - only the media database was exposed, not the patients' database.
This company operates with the only goal to check security and alerted us of a potential risk of intrusion. Amazon Web Service warned us on the 30th of January, After internal discussions with Amazon's support, We immediately took corrective steps on the 4th February. The cybersecurity company formally guaranteed that the security flaw had completely disappeared. This incident only reinforced our ongoing concern to protect your data and your patients’ data when you use the Nextmotion application.
As a reminder, all your data is stored in France, in a secure HDS (personal data hosting) compliant medical cloud. Our application and our data management practice were audited in 2018 by a GDPR (General Data Protection Regulation) specialized law firm, in order to ensure our compliance with the data regulation which came into effect in 2019.
A notification to the CNIL has been made, investigations are still in progress. This notification will be completed as necessary based on the results of the investigation
This company also contacted press. Articles on this topic will probably be published in the coming days, which could raise concerns with your patients. We stand by you to answer precisely any questions worried patients may have. You can if you wish suggest they send us their questions in writing at this email address : email@example.com
You must know that I am personally committed to securing the technologies we make available to you.
Please accept my sincere apologies for this incident.
Dr Emmanuel ELARD,
CEO of NextMotion
Proper photograhic documentation is so important in our practice, the NextMotion solution answers all our needs.
"I cannot imagine to work today without this fantastic tool"