|
| 1 | +--- |
| 2 | +title: How to create a compliant volume to host healthcare data |
| 3 | +description: This page details the steps to follow to create a compliant Scaleway Block Storage volume to host healthcare data |
| 4 | +tags: |
| 5 | +dates: |
| 6 | + validation: 2025-11-12 |
| 7 | + posted: 2025-11-12 |
| 8 | +--- |
| 9 | +import Requirements from '@macros/iam/requirements.mdx' |
| 10 | + |
| 11 | +When hosting healthcare data using Scaleway Block Storage, you must follow the recommendations outlined in the [shared responsibility model](/block-storage/reference-content/storage-shared-responsibility-model/) to ensure compliance with legal and regulatory requirements, such as data protection laws, and industry standards. |
| 12 | + |
| 13 | +Adhering to these guidelines helps safeguard sensitive information against unauthorized access, breaches, and data loss, while also clarifying the roles and responsibilities between the cloud provider and the customer. |
| 14 | + |
| 15 | +<Requirements /> |
| 16 | + |
| 17 | +- A Scaleway account logged into the [console](https://console.scaleway.com) |
| 18 | +- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization |
| 19 | +- Signed an HDS contract with Scaleway for the guarantees outlined in the [shared responsibility model](/block-storage/reference-content/storage-shared-responsibility-model/) to apply |
| 20 | + |
| 21 | +## How to create a compliant volume |
| 22 | + |
| 23 | +To host healthcare data in compliance with HDS requirements, you must create a new Block Storage volume. |
| 24 | + |
| 25 | +1. Click **Block Storage** in the **Storage** section of the side menu. The Block Storage page displays. |
| 26 | +2. Click **+ Create volume**. |
| 27 | +3. Follow the steps in the creation wizard: |
| 28 | + - Select an [Availability Zone](/instances/concepts/#availability-zone) within the **PARIS** region. |
| 29 | + - Configure the volume: |
| 30 | + - Enter a name for your volume or leave the automatically generated name. |
| 31 | + - Select an [IOPS](/block-storage/concepts/#iops) option. You cannot edit the IOPS of a volume after its creation. |
| 32 | + - Define a volume size of at least 5 GB. |
| 33 | + - Optionally, select an **HDS-compliant Instance** from the drop-down to attach your volume. The Instance must be within the same Availability Zone as your volume. |
| 34 | + - Verify the estimated cost. |
| 35 | +4. Click **Create volume**. The volumes overview page displays. |
| 36 | + |
| 37 | +## How to encrypt data |
| 38 | + |
| 39 | +To guarantee compliance with HDS requirements, you must proactively encrypt data stored on the Block Storage volume using a reliable mechanism, such as [LUKS](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup). |
| 40 | + |
| 41 | +Refer to the dedicated documentation for comprehensive information on [how to encrypt volumes using Cryptsetup with LUKS](/tutorials/encrypt-volumes/). |
| 42 | + |
| 43 | +## How to delete data |
| 44 | + |
| 45 | +Data must be deleted in a compliant way to make sure data can not be retrieved by any means immediately afterward. |
| 46 | + |
| 47 | +To do so, delete data from your volume as you would with a standard Block Storage volume, then delete the encryption keys used to encrypt the deleted data. |
| 48 | + |
| 49 | +## Prohibited actions on a compliant volume |
| 50 | + |
| 51 | +To host healthcare data, you must comply with the following requirements: |
| 52 | + |
| 53 | +- You must not use an existing Block Storage volume. |
| 54 | + |
| 55 | +- You must not export snapshots to an Object Storage bucket **that is not HDS-compliant**. Refer to the [dedicated documentation](/object-storage/how-to/host-healthcare-data/) to create an HDS-compliant bucket. |
| 56 | + |
| 57 | +<Message type="important"> |
| 58 | +Failure to comply with these requirements may lead to voiding compliance on the data contained in the volume. |
| 59 | +</Message> |
| 60 | + |
| 61 | +## Compliant volume creation checklist |
| 62 | + |
| 63 | +Make sure that your volume follows the requirements below: |
| 64 | + |
| 65 | +1. Make sure you are using a **new** Block Storage volume. |
| 66 | + |
| 67 | +2. Make sure you [created your volume](#how-to-create-a-compliant-volume) in an Availability Zone within the **France - Paris** region (`fr-par-1`, `fr-par-2`, `fr-par-3`). |
| 68 | + |
| 69 | +3. Use a [proactive encryption method](#how-to-encrypt-data) to encrypt your data. |
| 70 | + |
| 71 | +4. Follow the provided security best practices at all times. |
| 72 | + |
| 73 | +Refer to the [Storage Shared Responsibility Model](/block-storage/reference-content/storage-shared-responsibility-model/) for comprehensive information on the legal framework to host healthcare data. |
0 commit comments