Applying for NEN 7510 certification: how does it work?

Over the years, there has been a lot of commotion about the privacy of patients in healthcare, among other things. We are aware that we share sensitive information with doctors and that this information can also reach other healthcare providers via a digital platform. Provided you give permission, of course. This digital platform has made the work for healthcare providers a lot easier. After all, exchanging information takes less time. However, it also poses a risk. Because what if the system is less reliable than expected? Will hackers run off with it?

A clever solution has been found for this. Namely, the NEN 7510 certification. Most entrepreneurs are familiar with NEN. These are standards that you must comply with and for which you receive a certificate to demonstrate that you perform safe and/or reliable work. The NEN 7510 was created specifically for information security in healthcare. The standard is intended for healthcare providers and for managers of personal health information. With this certificate you demonstrate that the system meets all requirements and the privacy of patients is guaranteed. You can probably imagine how important this is. Also for patient confidence. That is why it is important that the NEN 7510 is requested on time. But how exactly does this work?

Apply free of charge

The NEN certificate can be requested free of charge. The system is subjected to a series of tests to assess whether it can withstand cyber attacks. You are therefore first obliged to offer a properly functioning system. This must meet all requirements. You can leave this to the management of your own IT administrators, but be aware that there is a lot involved. It is also possible to engage a special consultancy firm for this. This way you can be sure that the system will soon meet all requirements.

Pre-audit

Before the official NEN 7510 audit is carried out, there is first a so-called pre-audit. This checks whether everything has been taken into account before the actual test is carried out. The focus is on matters that are not yet in order. This offers you the opportunity to solve some possible problems, so that there is a good chance that you can simply obtain the certificate. After a pre-audit, the testing company provides a detailed report with reasons why you will not yet pass the NEN inspection. This pre-audit usually takes no longer than two to four days and contributes to better management of your IT system. The pre-audit is a popular option. While you've already decided to pursue NEN 7510 certification, you don't want to go through the full process yet. Using the pre-audit, you can easily identify weaknesses and gain a clear understanding of your organization's current status.