NEN 7510

NEN 7510

Support and certification

The healthcare sector works with confidential data on a large scale. Patients and clients must be able to rely on the secure processing of their data.

NEN 7510

The NEN 7510 standard

The NEN 7510 standard helps a healthcare provider or a healthcare service provider to structurally organize and improve information security. In some cases, the application of the standard is even made compulsory by law.

The NEN, a Dutch foundation that focuses on standardization, has developed the NEN 7510 standard specifically for information security in healthcare. The latest version of this, NEN 7510: 2017, consists of two parts:


  • Part 1 (NEN 7510-1) focuses on the development of an ISMS (Information Security Management System): a structural, risk-based approach to guarantee the availability, integrity and confidentiality of information. This part is based on the ISO 27001 standard.
  • Part 2 (NEN 7510-2) connects to this with specific control measures: these are based on the international ISO / IEC 27002 and ISO 27799 standards. Compared to the ISO standards, these NEN standards focus specifically on the protection of personal health information.


Traxion can support your organization in setting up information security on the basis of, or in preparing for, certification to the NEN 7510 standard. In both cases, we make the implementation a success together by setting awareness and acceptance by the organization as the goal.

Our approach

Traxion has a down-to-earth no-nonsense approach in clear steps. The scope will be determined together with you and we will arrive at a results-oriented approach. Through an Agile approach, the successes are determined in advance and celebrated afterwards with the team.

The team consists of experts, from you and the Traxion organization, who guide your organization with broad practical knowledge.

Legal frameworks

Specifically for the healthcare sector, the Wgbo (Act on Medical Treatment Contracts) and the Wkkgz (Act on Quality, Complaints and Disputes in Care) require adequate security of client data.

Broader legal frameworks also require adequate information security. European privacy legislation GDPR requires appropriate technical and organizational measures to protect personal data.


To demonstrate that your organization endorses the importance of information security and is continuously developing it, the implementation of NEN7510 can be verified and certified by an external auditor.

As a healthcare provider, you can demonstrate that you handle patient and client data seriously. But also that you comply with the legal frameworks.

Information or support needed?

Information or support needed?

One of the main advantages of Traxion is knowledge and experience. Our CISOs and ISOs support organizations to achieve NEN 7510 certification by familiarizing them with the standard, drawing up policy where necessary and implementing measures.

Get in contact

The people at Traxion we work with are without exception good at their job. They are young enthusiastic professionals with a high level of knowledge. They can not only answer all our questions, but also provide a good substantiation of their advice. That gives a lot of confidence in our partnership with Traxion.

André Crone - Architect I Eneco
Confidental Infomation