Jong JGZ is a Dutch youth healthcare organization, known for its child health clinics and school visits by doctors and nurses. In this sector, where sensitive personal data of children and families is handled, NEN 7510 certification is not mandatory. However, Dutch healthcare institutions must demonstrate to the Health and Youth Care Inspectorate (IGZ) that their information security is adequately managed. On top of these requirements, the new EU NIS 2 directive adds additional obligations, raising questions at Jong JGZ about their level of preparedness and compliance.
Through their IT partners, Jong JGZ connected with Safesecur Group for a baseline assessment — a decision that proved to be highly valuable for Monica as Privacy Officer.
Quick Insights
When Safesecur Group was recommended for a baseline assessment, Monica immediately reached out to our specialist, Marc van der Zandt. “Our partners Sirrus and Desatel provide excellent IT management, but we also wanted independent confirmation that we could demonstrate our security readiness ourselves,” Monica explains. Safesecur Group offered a pragmatic approach, with flexible and efficient execution.
“It was easy to schedule a meeting with Marc, and the short duration of the assessment was very pleasant. The questions asked were clear and constructive — one of my colleagues even said it was much more enjoyable than expected,”
The quick process allowed them to take immediate action: “Instead of a lengthy audit, within just two days we had a clear overview of our non-conformities, with a manageable list of 32 improvement points.”
A Positive, Non-Judgmental Collaboration
What truly made a difference for Jong JGZ was Marc’s approach to the assessment.
“Rather than feeling like a formal audit, it felt more like a collaboration,” Monica shares. “Marc asked open-ended questions and gave us space to openly reflect on our processes, without feeling like we were being judged. My colleagues also appreciated the open and refreshing conversations.”
This approach made it possible to immediately address potential issues and move forward with confidence.
Confidence and a Clear Path Forward
The baseline assessment not only provided Jong JGZ with a clear list of improvement actions but also reinforced confidence in the security measures already in place.
“We received confirmation that, overall, our security framework is well-structured. Of course, there are areas for improvement, but we can now confidently say we’re on the right track,” Monica says.
The list of improvements gives the team a concrete roadmap for the coming period. In addition, Marc van der Zandt is supporting Jong JGZ in developing a detailed action plan, ensuring not only compliance with NEN 7510 but also readiness for the NIS 2 directive.
Recommendation for Other Healthcare Organizations
For Jong JGZ, working with Safesecur Group is highly recommended for any healthcare provider.
“For small and medium-sized organizations without large internal IT and security teams, such an external baseline assessment is ideal. Safesecur Group delivers quick, efficient insights without the need for lengthy assessments that can drag on for months. Their pragmatic approach makes compliance both achievable and realistic.”
With Safesecur Group’s support, Jong JGZ now has a solid foundation in information security and a clear understanding of what steps remain to achieve full compliance.
“Thanks to Safesecur Group, we know exactly where we stand. It’s reassuring to know our security is well-managed, and that we’re prepared for the future,” concludes Monica Bassie.
