IT for healthcare
For practice owners who want to outsource their NEN 7510 headache. Patient data stays in our Dutch data centre β not with an American cloud provider. Exquise, Visiquick, OASE, Simplex, Novadent: already running for peer practices. One named contact who speaks healthcare IT, not a first-line script.
Already running in our Dutch datacenter:
ExquiseVisiquickOASESimplexNovadent
2000+
Cloud workspaces
6000+
Microsoft 365 accounts
20+
Years of experience
ISO 27001
certified
NEN 7510
healthcare information security
Microsoft
Solutions Partner
FD Gazelle
2022 / 2024 / 2025
IT for healthcare
Short answer: NEN 7510 cloud workspace for healthcare
Virtual Computing is a NEN 7510- and ISO 27001-certified cloud workspace provider for the Dutch healthcare sector. Founded in 2006, we manage more than 2,000 online workspaces for healthcare organisations β from GP practices and dental clinics to physiotherapists and primary-care groups. Our healthcare cloud workspace starts at β¬35 per user per month and runs in our own Dutch data centres in Eindhoven and Den Bosch. Patient data stays in the Netherlands, end-to-end encrypted, audited annually against both NEN 7510 (healthcare-specific) and ISO 27001 (general). 24/7 personal support from specialists who know your organisation β no call centre, no ticket queues.
NEN 7510 & ISO 27001 certified
EHR and dental software hosting
Patient data in our own Dutch data centres
24/7 availability and monitoring
GDPR-compliant data management
20+ years of experience in healthcare
Why do healthcare organisations choose Virtual Computing?
The healthcare sector places the highest demands on IT: patient data must be secure, systems cannot go down, and you must comply with strict regulations. Not every IT partner can deliver on this.
Virtual Computing is one of the few MSPs in the Netherlands that holds both ISO 27001 and NEN 7510 certification. NEN 7510 is the specific standard for information security in healthcare. This means our processes, systems and staff meet the strictest requirements for processing patient data.
We have been serving healthcare organisations for over 20 years. Tandartspraktijk Tilburg is one of our longest-running relationships β they have trusted our IT for more than two decades.
NEN 7510 certified
Specific certification for information security in healthcare.
EHR hosting
Secure and fast hosting of your electronic health records.
Dental software
Specialised hosting of Exquise and other dental software.
GDPR compliant
Patient data in Dutch data centres, encrypted and secured.
24/7 available
Redundant systems and twin data centres for maximum uptime.
20+ years experience
Proven track record in the healthcare sector with long-standing client relationships.
Secure cloud workspaces for healthcare
Our online workspace is ideal for the healthcare sector. Staff get secure access to their applications and patient data from anywhere β at the practice, at home or on the go.
EHR hosting β We host your electronic health records in our own data centres. Fast, secure and always available. Exquise, Visiquick, OASE, Simplex and Novadent are already running for peer practices.
Dental software β Specialised hosting of Exquise and other dental software. Optimised performance and fully managed.
Physiotherapists β Hosting of EHR packages for physiotherapists. See software for physiotherapists for specific support.
GDPR compliant β All patient data remains in the Netherlands, in our own data centres. Encrypted at rest and in transit.
Managed cybersecurity β 24/7 monitoring, MFA and endpoint protection on top of the NEN 7510 baseline. Standard included in our healthcare packages.
24/7 availability β Healthcare systems cannot go down. Our twin data centres and redundant systems guarantee maximum uptime, and our disaster recovery is tested for the healthcare sector.
NEN 7510: the standard for healthcare IT
NEN 7510 is the Dutch standard for information security in healthcare. It sets specific requirements for how patient data is stored, processed and secured. For healthcare organisations, it is essential to work with an IT partner that adheres to this standard.
Virtual Computing is NEN 7510 certified. This means we are audited annually by an independent party on our processes, technical measures and staff.
By working with us, you automatically meet the requirements set by the Dutch Data Protection Authority and health insurers for your IT environment. During an audit, you have the right documentation readily available.
Also see our [cloud security](/en/cloud-security) for more information about our security measures.
NEN 7510 vs ISO 27001: what is the difference for healthcare?
Many healthcare organisations ask us: is ISO 27001 enough, or does our IT partner also need NEN 7510? Short answer: for healthcare NEN 7510 is not optional, but the combined certification is what you really want.
ISO 27001 β the general baseline. International standard for information security. Defines an ISMS (Information Security Management System) and general controls (Annex A) around access, encryption, incidents and business continuity. Applicable in any industry, not healthcare-specific.
NEN 7510 β the healthcare layer on top. Dutch standard specifically for healthcare information. Builds on ISO 27001 and adds healthcare-specific requirements: medical confidentiality, BIG-registered access, explicit patient consent, integration with DigID/UZI-pas, data-breach notification to the AP for health data.
What this means for you. An MSP with only ISO 27001 covers the generic security baseline but lacks the healthcare-specific controls that the Dutch DPA and NEN auditor expect. An MSP with only NEN 7510 without ISO 27001 lacks the management-system foundation. We have both: ISO 27001 as the baseline ISMS, NEN 7510 as the healthcare layer β both audited annually by an independent certification body.
For healthcare organisations under Wkkgz, Wabvpz or health-insurer IT requirements, this saves a lot of audit discussion: the right documentation is ready to go.
Case study: Tandartspraktijk Tilburg β 20 years of healthcare IT partnership
Situation β A dental practice in Tilburg with 12 dentists, 25 workstations and a mix of Exquise (practice management), Visiquick (X-ray) and modern intraoral scanners. The practice grew across two physical locations; staff need to move seamlessly between sites without patient records getting stuck on one PC.
Challenge β Local servers were failing more frequently, 3D X-ray images were slow, and the NEN 7510 audit from the health insurer set hard requirements for logging, backup and access control that the old infrastructure could not meet.
Solution β Since 2005 the entire practice runs on our [online workspace](/en/online-werkplek). Exquise and Visiquick are specialist-hosted in our Eindhoven/Den Bosch data centres. 3D scans and X-ray images open quickly via SSD storage; staff switch between sites with the same desktop.
Result after 20 years β Zero unplanned downtime in the past 18 months, NEN 7510 audit report deliverable to the health insurer within one business day, and the practice owner spends zero hours per week on IT issues. Quote: βFor more than 20 years we have worked with Virtual Computing. Our entire practice runs in the cloud β even our 3D X-ray equipment works seamlessly via Exquise and Visiquick. They truly understand our specific situation in dentistry.β
NEN 7510 explained: what it is, who must comply and how to prove it
What is NEN 7510?
NEN 7510 is the Dutch standard for information security in healthcare. It is derived from the international ISO 27001 and 27002 standards, but translated to healthcare practice: where the general standard speaks of 'information', NEN 7510 specifically covers personal health information and the systems that process it. The standard has two parts. NEN 7510-1 describes the management system (ISMS): policy, risk assessment, management responsibility and an improvement cycle. NEN 7510-2 contains the concrete controls β from access management and logging to backup, physical security and supplier management. Complementary standards are NEN 7512 (secure data exchange between healthcare parties) and NEN 7513 (logging: who accessed which record and when).Who must comply with NEN 7510?
The standard applies to every organisation that processes personal health information. That includes hospitals and mental health institutions, but equally GP, dental and physiotherapy practices, pharmacies, midwives, home-care organisations and the IT suppliers working for them. Compliance is not optional: the Dutch Decree on electronic data processing by healthcare providers (Begz) explicitly designates NEN 7510, NEN 7512 and NEN 7513 as the standards to apply, and the GDPR requires 'appropriate technical and organisational measures' β in Dutch healthcare the Data Protection Authority and the Health and Youth Care Inspectorate test that requirement against NEN 7510 in practice. Health insurers and regional partnerships also increasingly require demonstrable compliance when contracting. Important: the standard also reaches your suppliers. Any IT party that hosts or manages healthcare data must comply with NEN 7510 itself β a practice working with a non-certified IT supplier has a gap in its own accountability.How do you demonstrate compliance?
Demonstrable compliance is more than having the technology in order; the core is a working management system you can show. In practice that comes down to five steps. 1. Risk assessment: map where health data lives (EHR/practice software, e-mail, workstations, backups) and which risks apply. 2. Policy and responsibilities: record who is responsible for information security, how authorisations are granted and revoked, and how incidents are handled. 3. Implement controls: multi-factor authentication, encryption, role-based access, logging in line with NEN 7513 and daily tested backups. 4. Document and practise: data processing agreements with all suppliers, a data breach procedure you rehearse periodically, and awareness training for staff β most incidents start with a phishing e-mail, not with technology. 5. Verify: an independent audit by a certification body makes compliance externally demonstrable; for smaller practices a self-declaration with underlying evidence can be an intermediate step, but under supervision or contracting a certificate carries considerably more weight.What does this mean for your workspace?
In practice, the workspace is where information security succeeds or fails: that is where people log in, e-mail and work in the patient record. By sourcing the workspace from a NEN 7510-certified partner you inherit a large part of the technical controls β encryption, MFA, logging, backups, patch policy and data centre security are already arranged and documented. The organisational side (policy, authorisations, training) remains your own responsibility, but you do not have to build certified infrastructure yourself. Demonstrability becomes a matter of pointing instead of building.Pricing
What does it cost?
NEN 7510 certified cloud workspace for healthcare organisations. Meets healthcare information security standards.
IT for healthcare
fromβ¬35per user per month
- NEN 7510 + ISO 27001
- EHR hosting
- Data in NL datacenters
- GDPR processor agreement
- Dutch-speaking support
Contact
Arrange it the way you prefer
Prefer a quote with numbers first, a direct conversation, or to get started right away? Pick the route that suits you β no strings attached.
We'll call you back
An experienced IT specialist on the line within 1 working day β often the same day.
Aushi BV runs 250 managed workspaces across Europe on our environment β and a dental practice in Tilburg has been a customer for 20 years.
Read the customer caseWe've trusted Virtual Computing with our IT for over 18 years. From a handful of workstations we've grown to 250+ users spread across Europe. Online Workplace, Microsoft 365, Windows 365 β it scales effortlessly. Fantastic service and excellent knowledge.
M
Matija Jolic
Aushi BV β 250 workspaces across Europe
Good to know
Frequently asked questions
Ready to get started?
Book a free consultation about the best ICT solution for your organisation.
By Robin Damen, Founder|Reviewed by Mohammad Moghtader, CTO