EMEA | Healthcare and life sciences
NEN (Netherlands)
The Royal Netherlands Standardization Institute (Nederlands Normalisatie Instituut or NEN) is a non-profit organization focused on developing standardization processes in the Netherlands. Google Cloud’s compliance with international standards such as ISO 27001 help address NEN standards such as NEN 7510 and NTA 7516.
NEN Compliance Offerings
Learn more about the key laws, regulations, and guidelines prescribed by the NEN.
Learn more about NEN 7510 and how Google Cloud can
help support your NEN compliance efforts.
NEN 7510
is an information security standard that provides
guidelines for determining, establishing, and
maintaining measures for health care organizations
to protect and secure healthcare data. The Dutch Data Protection Authority uses NEN 7510
to assess whether a health care provider has
implemented appropriate security measures and
therefore met its security obligations. These
measures include developing and maintaining
information security policies, establishing mature
internal frameworks for information management,
identifying and defining appropriate protection
policies for human resources and asset management,
ensuring effective access control to prevent
unauthorized user access, and implementing technical
safeguards such as cryptographic controls. Although the Dutch government does not require
cloud service providers to comply with NEN 7510,
Google Cloud’s products regularly undergo
independent verification of their security, privacy,
and compliance controls that map closely with NEN
7510. We have published a Google Cloud compliance
mapping document for NEN 7510 to help our customers
meet their applicable requirements.
Learn more about NTA 7516 and how Google Cloud can
help support your NTA 7516 compliance efforts. NTA 7516:2019 is a Dutch standard for information
security focusing primarily on ad hoc messages
between a sender and receiver with highly sensitive
medical information. The standard is targeted at
medical professionals sending or receiving medical
information of patients via email; email software
suppliers; and patients whose information is being
transferred. Gmail offers industry-leading security and
infrastructure with comprehensive controls that can
help our customers meet their objectives and satisfy
the NEN requirements. Under the shared
responsibility model, Gmail and our healthcare and
medical professional customers share the management
of the IT environment, including responsibilities
for security. We work with our customers to
delineate these responsibilities in an effective and
transparent way With this in mind, as we maintain compliance to
security standards such as ISO 27001, we continue to
provide assurance to our customers requiring NTA
7516 compliance that Gmail will support you in your
efforts to help keep your data secure.