Specifically for the Dutch healthcare sector, the standard NEN 7510 describes the requirements for information security. Based on the ISO 27001 and ISO 27002 standards for data protection, NEN 7510 provides frameworks for information security for healthcare organizations and associated organizations like providers of software and ICT services.
Information processed and stored by care providers is almost always confidential. The healthcare sector is therefore closely monitored when it comes to privacy and information security. Dutch legislation about the use of the social security number in the healthcare sector demands caregivers to comply with NEN 7510. With a NEN 7510 certificate, healthcare providers demonstrate they meet the applicable information security requirements. On the basis of the NEN 7510, care providers can set up their information management in accordance with the applicable requirements for safety, reliability and availability.
The NEN 7510 is the basis for continuous improvement of information security policies and processes for healthcare organizations and their suppliers. MedMij, the new standard for digital exchange of patient information, has also been developed based on the standard. Healthcare providers already in possession of a NEN 7510 certificate can apply for the MedMij quality label and show they exchange patient information securely and reliably.