Every organisation in the healthcare sector must comply with NEN 7510. This is a national requirement when it comes to handling privacy-sensitive information.

It is not surprising that much attention is paid to the protection of information. After all, this information goes from GP to specialist (or even several specialists), only to return to the GP. Medical and patient data is frequently exchanged between them.

NEN 7510 is a Dutch standard for information security in the healthcare sector. It is compulsory for healthcare providers to apply NEN 7510 within the organisation. The standard describes the information security process on the basis of which an organisation gets and keeps its information security in order, specifically aimed at the healthcare sector.

What is NEN 7510?

In short, NEN 7510 is an information security standard developed especially for the healthcare sector. Think of hospitals, general practitioners, pharmacists, nursing homes et cetera. It is a legal requirement for all healthcare providers to apply NEN 7510, but although they must comply with the standard, certification is not mandatory.

To meet the desired level of service, it is necessary for healthcare providers to have access to reliable information at any time. At the same time, to protect patient privacy, it is vital that sensitive information does not fall into the hands of unauthorised parties.

What does the NEN 7510 entail?

In healthcare, it can be important to be able to act quickly. Healthcare providers should be able to access the right reliable information at any time. It is also very important that this information cannot fall into the hands of external parties.

Due to the large number of parties working in healthcare, information security is very complex. Each party plays its own role in collecting, storing, processing and transporting information.

NEN 7510 is an umbrella standard that gives each party a framework for the processes relevant to that specific party. In addition, NEN 7510 provides the corresponding measures. As NEN 7510 is mandatory, the standard is available free of charge.

NEN 7510 is based on ISO 27001, the more general standard for information security. In essence, NEN 7510 reproduces that standard and supplements it with healthcare-specific measures.

Is NEN 7510 certification mandatory?

It is a legal requirement for all healthcare providers to apply NEN 7510. However, although they must comply with the standard, certification is not mandatory.

Why the NEN 7510?

Because so many diverse parties work together - think healthcare providers, patients, insurers, government agencies and other stakeholders - information security in healthcare is very complex. Each party plays a role in collecting data, storing, processing and transporting information. To ensure the security of sensitive information, NEN 7510 was introduced.

Difference between NEN 7510 and ISO 27001

It may be well known that both standards deal with information security. But what is the difference between ISO 27001 and NEN 7510? Can you use both standards for your organisation, or does one fit better than the other?

NEN 7510 is based on ISO 27001, and despite the differences the two standards are very similar. In fact, NEN 7510 is an addition to, or extension of, ISO 27001. The differences are:

  • ISO 27001 is a general standard, NEN 7510 is industry-specific for healthcare;
  • NEN 7510 is a Dutch standard, while ISO 27001 is an international standard;
  • Application of NEN 7510 is mandatory for all healthcare institutions. This only applies to application of the standard, not certification;
  • NEN 7510 specifies 36 controls specific to healthcare, in addition to the 114 controls already specified by ISO 27001.

Our solution: Base27

Do you need to obtain NEN 7510 certification for your healthcare organisation? If so, you could use the help of a good information security management system (ISMS). Our online software tool Base27 supports your information security and helps you meet the requirements of the NEN 7510 standard in the form of a portal for all your employees.

Here you can find all the necessary information and be kept up to date with new developments. Base27 is also the beating heart for performing risk analyses, realising the treatment plan, selecting suppliers, monitoring effectiveness and handling (security) incidents.

Achieve NEN 7510 certification? Find out how Base27 offers support