NEN 7510 checklist

NEN 7510 is the Dutch standard for information security in healthcare, ensuring that healthcare organizations securely process, store, and transfer patient data. It is based on ISO 27001 but tailored specifically to the healthcare sector in the Netherlands. 
 
Under NEN 7510, healthcare organizations are obliged to protect sensitive data according to the following measures: 

Classification & Labeling (Sections 5.12, 5.14): 

• Classify data based on confidentiality, integrity, and availability. 

• Appropriately label/classify sensitive information. 

Encryption in Transit and at Rest (Sections 5.14, 8.24): 

• Ensure adequate security during data transfer. 

• Prevent unsecured exchanges of sensitive information. 

• Guarantee traceability of data transfers. 

Recipient Authentication (Sections 5.14, 5.17): 

• Ensure only authorized individuals can access sensitive information. 

• Require strong authentication when transferring data over public networks. 

Demonstrability (Sections 5.14, 8.26) 

• Provide proof of secure transmission and access. 

• Implement solutions to ensure confidentiality and integrity of information. 

Awareness (Section 6.3): 

• Training and awareness are crucial. 

• Conduct regular training and establish clear procedures. 

Preventing Data Breaches (Sections 5.14, 8.12): 

• Implement measures to prevent data leaks (over 95% caused by human error). 

• Use data loss prevention (DLP) tools to safeguard sensitive information.  

How Zivver supports compliance with NEN 7510 

Zivver Secure Email is the secure, compliant way to send emails and files by eliminating human error, preventing data leaks and encrypting sensitive emails. 

Zivver scans the content of every email before you hit send – detecting confidential data, catching wrong recipients, and preventing a lapse from becoming a leak.  

Send emails securely with zero-knowledge encryption, revoke them instantly, and get in-depth reports for audit trails and compliance reports. Don’t risk third-party websites with confidential data. Zivver lets you transfer large files and sign documents straight from your email – so you can protect private data, preserve public trust, and stay compliant. 

Comply with NEN 7510 with Zivver: 

The gateway scans outgoing emails for sensitive healthcare-related data and automatically applies encryption when necessary, reducing human error and ensuring compliance with confidentiality requirements.  

Only the intended recipient can access encrypted messages, ensuring that healthcare data remains protected, even if an email is misdirected or intercepted. 

Organizations can track email activity and security measures, providing an auditable trail to demonstrate compliance with NEN 7510’s monitoring and accountability requirements.

Users can monitor email performance and revoke access to emails at any time, anywhere. Users also have the ability to view when an email has been opened and forwarded. 

Organizations can define security rules that align with NEN 7510 guidelines, ensuring sensitive patient information is always handled securely according to best practices. 

Our latest webinar explores how organizations can meet compliance with global data protection legislations. Check it out now.