Cybersecurity and trusted third parties

3 October 2025
Cybersecurity
  • Share this post :
Numih Days Cybersecurity 80
Numih

A look back at Lauranne Peyron’s workshop at Numih France Days

On 1 October in Marseille, Lauranne Peyron, RSSI DPO of the Evolucare Group, led a strategic workshop during the Journées Numih France event. In the prestigious setting of the Palais du Pharo, Lauranne shared her expertise on a key issue: third-party security in an interconnected digital health world.

A focus on cybersecurity in the digital supply chain

Publicite Numih

Click to enlarge

The presentation, entitled “Third-Party Security – A Mid-Chain Perspective”, highlighted the growing risks associated with supply chain attacks in the healthcare sector.

Lauranne Peyron emphasised how controlling the intangible supply chain, including customers, service providers and suppliers, has become a governance imperative for healthcare institutions and solution providers.

Lauranne Cybersecurite Sante Evolucare

Increasingly demanding regulatory frameworks

The workshop highlighted the increasing obligations governing the security of supplier relationships in standards such as:

  • ISO/IEC 27001:2023
  • HDS v2 Reference Framework (2024)
  • European NIS 2 Directive: supply chain security
  • Cyber Resilience Act (CRA): due diligence in the integration of third-party components

All these standards require digital health players to be more vigilant about the risks posed by their suppliers and to implement processes for evaluating, contracting and monitoring service providers.

A strong message: safety cannot be delegated

Through an operational and structured approach, Lauranne Peyron illustrated best practices for third-party risk management within an increasingly distributed ecosystem. Her presentation emphasised the need to:

  • Know your suppliers and their risks
  • Protect critical functions
  • Regularly monitor and audit partner practices
  • Respond and rebuild quickly in the event of an incident
Lauranne Cybersecurite Sante

This proactive stance, which goes well beyond compliance, is in line with Evolucare’s CSR commitments under the Pact4all, and more specifically with the following pillars:

  • Ensuring continuity of care
  • Facilitating the work of healthcare professionals

In line with our commitment to ASINHPA

This initiative is also in line with our ongoing commitment to the ASINHPA Information Systems Security Working Group. By contributing to collective initiatives such as CERT-Asinhpa, Evolucare is strengthening its position as a committed player in the field of ethical, sovereign and secure digital health.

  • Lauranne Peyron
    Cyber risk management now requires a systemic approach that includes all players in our value chain. Every customer, every supplier, every service provider is an extension of our information system.
    Lauranne PEYRON
    CISO and DPO, Evolucare

Our upcoming cybersecurity conferences

📍 See you on 13 November 2025 in Paris!
Lauranne Peyron will once again be speaking at the SSI Santé meetings organised by APSSIS at the Salon des Arts et Métiers.
This is a must-attend event for digital health professionals who want to learn more about cybersecurity, regulatory compliance and resilience in the face of threats.

🎯 To learn more: discover how our ISO 27001 and HDS certified solutions help organisations secure their health data.
Our cybersecurity expertise