← Home

Sovereign digital for public sector organisations

Sovereignty, compliance and accessibility for public sector organisations

Built-in regulatory compliance

GDPR Mapping, DPIA, external DPO
HDS Health data hosting
NIS2 Critical operators
ANSSI Cybersecurity
RGAA Digital accessibility
REEN Responsible digital

An approach tailored to your organisation

Municipalities & intercommunalities

Sensitive citizen data, small or non-existent IT teams, GDPR obligations, open-source software circular (2021), REEN law for towns above 50,000 inhabitants. Ekioo manages your IT end-to-end: strategy, compliance, sovereignty.

GDPROpen source circularREENRGAA

Schools & educational institutions

Children's data subject to enhanced protection. Several EU member states have banned Big Tech tools without impact assessment. Ekioo deploys sovereign environments connected to regional digital learning platforms, with refurbished hardware.

GDPR minorsEnhanced protectionENT interop.

Hospitals & healthcare facilities

The most targeted sector for cyberattacks (141 ransomware incidents in France in 2024 per ANSSI). HDS, NIS2 (critical operators), FHIR/HL7 interoperability, 24/7 continuity of care — Ekioo covers the full spectrum.

HDSNIS2ANSSIFHIR/HL7BCP/DRP

What Ekioo delivers for public organisations

Integrated regulatory compliance

  • GDPR: data mapping, DPIA, processing register, external DPO
  • HDS: exclusive deployment on ANS-certified infrastructure
  • NIS2: maturity audit, risk plan, ANSSI incident reporting
  • RGAA: accessibility audit and remediation support
  • REEN: digital carbon footprint measurement and reporting

Sovereignty & open source by default

  • No service subject to the US Cloud Act
  • DINUM/SILL-listed solutions (interministerial catalogue)
  • Hosting in France or Europe — no third-country data transfer
  • Health data: exclusively HDS-certified hosting

ANSSI-aligned cybersecurity

  • Audit using ANSSI guides and the MonAideCyber programme
  • Awareness training for staff and healthcare workers
  • Least-privilege principle and network segmentation
  • BCP / DRP: business continuity and disaster recovery
  • Critical patches applied within 72 hours

Team training

  • Cybersecurity awareness for all staff
  • Onboarding for deployed tools (Koopération, Konnaissance...)
  • Training for digital referents and system administrators
  • DPO / GDPR workshops for data correspondents

Example use cases

Organization
Need
Ekioo solution
Town of 8,000 inhabitants
Outsourced CIO, sovereign messaging
Koopération + outsourced CIO service
Intercommunality
GDPR + REEN compliance, knowledge base
Konnaissance + GDPR audit + REEN assessment
Public secondary school
Pupil data protection, refurbished equipment
Kollaborateur + sovereign Koopération
General hospital
HDS, NIS2, BCP/DRP, staff training
ANSSI audit + HDS hosting + training
Care home (ESMS)
Sovereign document management, HDS
Konnaissance + Koopération (HDS hosting)

Access via public procurement frameworks

Ekioo simplifies access to its services for public sector organisations by integrating with existing public procurement frameworks — no need to run a full tender process on your side.

UGAP

France's general government procurement centre. Any local authority, school, or hospital can purchase Ekioo IT services without running its own public procurement procedure.

Listing in progress
CANUT

Specialised digital and telecom procurement centre for local authorities, social housing organisations, and public institutions. Software, cloud, and digital services via dedicated framework agreements.

Listing in progress
RESAH

Procurement group for the hospital and medico-social sector. 2,700 member institutions, €3bn in annual purchases. IT framework agreements covering software, infrastructure, and services.

Engagement underway

Our commitments to the public sector

Independence

No exclusive resale agreements with proprietary publishers. Our recommendations are driven by your interest alone — not our margins.

Transparency

Per-service contracts, no hidden costs, no automatic renewals. You remain in control at all times.

Service continuity

SLAs adapted to the continuity requirements of hospitals and municipalities. Critical systems don't stop — neither does our responsiveness.

Full traceability

Complete documentation, transferable to your successor or another provider. You never depend on Ekioo to understand your own IT.

Are you a public sector organisation?

Let's discuss your regulatory challenges and the best way to access our services via your existing procurement frameworks.

Get in touch

Frequently asked questions

What is HDS certification and why is it mandatory?
Health Data Hosting (HDS) is a certification issued by France's ANS (Agence du Numérique en Santé). Any health data of a personal nature must be hosted with an HDS-certified provider — including patient records, clinical information systems, and test results. Storing this data on servers subject to the US Cloud Act (AWS, Azure, GCP) is illegal and constitutes a GDPR violation. Ekioo deploys exclusively on HDS-certified infrastructure for healthcare clients.
Are local authorities subject to NIS2?
Yes. The NIS2 directive significantly widens the scope of entities with cybersecurity obligations. Municipalities above 30,000 inhabitants, regions, and strategically important intercommunalities fall under NIS2 as important or essential entities. They must adopt cyber risk governance, report incidents to ANSSI, and implement auditable security measures.
How can a public body access Ekioo's services via UGAP or CANUT?
Ekioo is currently being listed on UGAP (general procurement centre) and CANUT (digital and telecom). Once listed, local authorities and public institutions can order Ekioo services directly without running their own competitive tender, under framework agreements negotiated by these central purchasing bodies. Contact us to find out the current status and available access routes.