Health data deserves more than good intentions

What it is

ISO 27799 provides healthcare-specific guidance for information security management. It acts as an essential lens for adapting your ISO 27001 framework to environments where sensitive personal health information is handled, stored, or shared, because patient data deserves far more than just good intentions.

NEN 7510:2024 is based on ISO 27799:2025. Therefore, this add-on can also be used if you want to implement NEN 7510 using an ISMS in English.

When to use it

Use this add-on when your organization handles personal health records, clinical trials, or patient data, and needs a security framework that reflects the extreme sensitivity of healthcare information. If you are already running ISO 27001, ISO 27799 gives you the healthcare-specific lens needed to close industry-specific gaps, because medical data deserves more than good intentions.

What it adds

It extends your ISO 27001 ISMS with tailored security controls that align with the real-world risks of medical data processing. This add-on brings clinical-grade security into your existing structure by providing:

  • Instructions on how to update an existing ISO 27001 implementation
  • Implementation guidelines for all 22 extra requirements that ISO 27799 imposes on the Annex A controls (A.5 to A.8)
  • For each control, an indication of the extra impact compared to ISO 27001

Add-ons can be used together with Instant 27001 for Confluence or Microsoft 365 (ISOPlanner). Instructions for installation and implementation are provided.

Relevant for

  • Healthcare technology providers
  • Organizations processing medical or patient data
  • Suppliers to healthcare institutions
  • Organizations working with sensitive health information

Pricing

€ 1 495

All prices are excluding applicable taxes and subscription fees for Confluence, Microsoft 365 or ISOPlanner.

100% first-time success! Start with confidence.