Medical logo

EMEA | Healthcare and life sciences

NEN (Netherlands)

The  Royal Netherlands Standardization Institute (Nederlands Normalisatie Instituut or NEN) is a non-profit organization focused on developing standardization processes in the Netherlands. Google Cloud’s compliance with international standards such as ISO 27001 help address NEN standards such as NEN 7510 and NTA 7516.


NEN Compliance Offerings

Learn more about the key laws, regulations, and guidelines prescribed by the NEN.

Learn more about NEN 7510 and how Google Cloud can help support your NEN compliance efforts.

NEN 7510 is an information security standard that provides guidelines for determining, establishing, and maintaining measures for health care organizations to protect and secure healthcare data.

The Dutch Data Protection Authority uses NEN 7510 to assess whether a health care provider has implemented appropriate security measures and therefore met its security obligations. These measures include developing and maintaining information security policies, establishing mature internal frameworks for information management, identifying and defining appropriate protection policies for human resources and asset management, ensuring effective access control to prevent unauthorized user access, and implementing technical safeguards such as cryptographic controls.

Although the Dutch government does not require cloud service providers to comply with NEN 7510, Google Cloud’s products regularly undergo independent verification of their security, privacy, and compliance controls that map closely with NEN 7510. We have published a Google Cloud compliance mapping document for NEN 7510 to help our customers meet their applicable requirements.

Learn more about NTA 7516 and how Google Cloud can help support your NTA 7516 compliance efforts.

NTA 7516:2019 is a Dutch standard for information security focusing primarily on ad hoc messages between a sender and receiver with highly sensitive medical information. The standard is targeted at medical professionals sending or receiving medical information of patients via email; email software suppliers; and patients whose information is being transferred.

Gmail offers industry-leading security and infrastructure with comprehensive controls that can help our customers meet their objectives and satisfy the NEN requirements. Under the shared responsibility model, Gmail and our healthcare and medical professional customers share the management of the IT environment, including responsibilities for security. We work with our customers to delineate these responsibilities in an effective and transparent way

With this in mind, as we maintain compliance to security standards such as ISO 27001, we continue to provide assurance to our customers requiring NTA 7516 compliance that Gmail will support you in your efforts to help keep your data secure.

ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more