Why the new NEN 7510:2024 is more than just a checkbox

Blog | Data security

  • Fellow news
  • security

In April 2026, Fellow Digitals successfully completed its annual external audit for the ISO 27001, ISO 27701 and NEN 7510 certifications. During this audit, extensive attention was paid to our processes, procedures, technical security measures and the way information security and privacy are embedded in our daily operations.

An important part of this audit was the implementation of the new NEN 7510:2024 standard. This means Fellow Digitals is among the organizations already working according to the latest version of the Dutch standard for information security in healthcare. And that is highly relevant, because the new standard has been updated to align with today’s requirements and security risks this approach performs in practice — from usability and course creation to AI-powered features.

We are proud to have successfully implemented this new standard. It demonstrates our ambition to stay ahead of developments, while many organizations are still working with the older NEN 7510:2017 version

Structurally protecting information

The new standard introduces stricter and more up-to-date requirements for information security, risk management, governance and privacy processes. For organizations working with sensitive personal data and confidential information, this is not just an administrative exercise, but an essential part of delivering reliable services.

At Fellow Digitals, we do not see certification as a mandatory checkbox.

For us, it is about something else entirely: continuous improvement, transparency, and the structural protection of information belonging to customers, employees and end users.

This enables us to deliver on our promises, remain equipped to manage today’s security risks, and ensure that our customers and partners can trust that their data is in safe hands.

Why the new NEN 7510:2024 matters

NEN 7510 is the leading Dutch standard for information security in the healthcare sector.

The updated 2024 version aligns much better with today’s digital reality:

  • stricter information security requirements

  • increased focus on risk management

  • updates for modern cloud environments

  • stronger emphasis on governance and accountability

For organizations handling privacy-sensitive information, this is essential.

What was assessed during the audit

An external audit is no longer just about technical checks or documentation.

The auditor evaluates the complete way information security and privacy are organized, managed and embedded throughout the organization’s daily operations.

During the audit, KIWA assessed areas including:

  • our development processes

  • incident management

  • infrastructure and security risks

  • employee onboarding and offboarding

  • hardware usage and access management

  • privacy processes

  • supplier management

  • security awareness throughout the organization

The audit also focused extensively on how we identify, evaluate and mitigate risks.

Looking ahead to 2026

Standing still does not fit Fellow Digitals.

That is why we are already preparing for the next step: implementing the updated ISO 27701:2025 standard.

In addition, we continue to invest in:

  • security awareness

  • periodic controls and audits

  • secure development processes

  • greater transparency toward customers and partners

Want to learn more about our approach to information security, privacy and compliance?

Visit the Fellow Digitals Trust Center

Do you have questions about our certifications, security approach or compliance policies?

Feel free to contact our COO and Security Officer, Rick Tigelaar.

Hans Koekkoek

Business Development Manager

Hans Koekkoek

We love to share our knowledge with you

Related blogs