ClickySkip to main content
Need help with a cyber incident now?
Call 24/7: +31 88-2747800

With T-Core towards NEN 7510 Compliance

By 13 May 2020 December 20th, 2021 Blog
t-core

The work pressure in the healthcare industry has been exceptionally high for quite some time and this has only increased with the coronavirus crisis. To offer every patient or client the maximum care, the industry is innovating and digitalising at a considerable pace. This implies, inter alia, digital communication, digital care, and digital data exchange / data processing between healthcare providers and healthcare insurers.

The pressure on the organisation to stay up to date with the applicable guidelines and policies is, consequently, at an unprecedented level. This leads to the tightening of the policy, certainly now that the official authorities are enforcing ever more on compliance with the said guidelines. With a standard approach via the T-Core services, Tesorion unburdens the healthcare industry by reducing this pressure.

Compliance with rules and guidelines

There are rules, guidelines, and standards from the official authorities that a hospital or healthcare institution must comply with. For instance, the Healthcare Inspectorate prescribes that compliance with the NEN 7510 requirements is mandatory. This standard is applicable to the individual healthcare provider, large healthcare institutions, and the chain partners. After all, third parties, e.g. insurers, also impose requirements in the area of information sharing or the supply of data; for instance, by way of requirement for reimbursement of claimed treatments or medication. It goes without saying that in all instances the GDPR must be observed. Compliance with NEN 7510 is therefore one of the requirements that is imposed ever more often during audits of the Healthcare and Youth Inspectorate (IGJ) and on the basis of which official authorities have meanwhile started enforcing.

T-Core

T-Core is a service that was developed in cooperation between Tesorion, RASCI Method© and Inbisco. It is a structured approach for the implementation of an Information Security Management System (ISMS) that has meanwhile proven its merits on multiple occasions. With this management system, it can be demonstrated that the organisation complies with the NEN 7510 requirements.

Plan-do-check-act

The security consultants of Tesorion have thorough knowledge of various security standards and know how they can be implemented in a pragmatic manner. They can counsel the entire process from the beginning up to and including certification, both substantively and project-based. The documentation of the ISMS takes place in Inbisco with the help of the participative RASCI method. Inbisco was developed specifically for the documentation of management systems. Processes are documented and administered, risk analyses are carried out, incidents, measures, and improvements are established, monitored, and evaluated. Extensive reporting options are also present. This way, the entire ISMS is documented in one tool, and via the “plan-do-check-act” principle the healthcare industry is prepared for the road towards compliance in conformity with NEN 7510.

This integral approach can be characterised as transparent, plannable, and controllable. In addition, this approach is supported by Dutch technology and has proven to be successful at customers from the healthcare industry.