Jubilee Signet
NEN 7510 certification
DEKRA Audit Netherlands

Can your patients trust that their personal data will be handled responsibly and securely?

NEN 7510 certification

Information security in healthcare

In a healthcare facility, the need for information security is often even greater than elsewhere. Your patients and clients trust you to handle their personal data in the strictest confidence. This is why Dutch legislation insists that healthcare institutions must be able to demonstrate compliance with the requirements of NEN 7510. This is the Dutch norm for information security in healthcare, based on the international standard ISO 27001.

Working safely and with integrity with the NEN 7510 certification

Working in accordance with the NEN 7510 standard goes beyond the design of your ICT systems. It looks at all forms of information processing in the organization, with considerable emphasis on human operations. How responsibly do you and your employees handle confidential data? You can demonstrate that you deal with this correctly through certification against NEN 7510.

Our working method

During the certification process the auditors consider the requirements and measures. But they also consider the day-to-day operations and whether the information security system works as intended. With DEKRA you opt for a process-oriented audit​. We help you to live up to the trust people place in you, day after day. Read more about our certification method here .

The new NEN 7510-1:2024 standard

As of December 16, 2024, NEN 7510-1:2024 has been amended. This new version meets the latest requirements. The new version of NEN 7510 contains important updates and is aligned with the latest versions of ISO/IEC 27001, ISO/IEC 27002 and the international standard design ISO/IEC DIS 27799, with additional requirements for the healthcare sector. As such, 14 general ISO control measures have been adapted for application within a healthcare organization and there are 8 additional measures specific to the healthcare sector. These adaptations contribute to mitigating continuously changing cyber risks and are a prelude to the requirements of the NIS2 guideline .
There is also a focus on (new) legislation. For example, NEN 7510 helps organizations on their way in complying with the Additional Provisions for Processing Personal Data in Healthcare Act (Wabvpz), Electronic Data Exchange in Healthcare Act (Wegiz) and the European NIS2 Directive that will come into force from 2025.

Transition to NEN 7510:2024

NEN has set a transition deadline until Februari 20, 2027. This means that your 7510-1:2017+A1:2020 certificate will no longer be valid after this date. DEKRA will soon complete the accreditation examination for the new version and hopes to be of service to you soon.
Please note: as long as DEKRA is not yet accredited for NEN 7510:2024, audits performed in accordance with this new standard are not valid.
Would you like more information about the transition? If so, please contact one of our experts.
Facts about NEN 7510