Statement of Inclusions and Exclusions NCS 7516

NTA 7516 Criteria for Communication Service Providers

August 17, 2020 – Version 1.1

Group Criterion SecuMailer Value
Availability Minimum availability (6.1.2) Yes 99.95%
Maximum downtime duration (6.1.3) Yes 0
Maximum data loss (6.1.4) Yes 0
Integrity Origin verification (6.1.5) Yes eIDAS “Substantial” and “High”
Data integrity (6.1.6) Yes TLS / DANE
Non-repudiation of sender (6.1.7) Yes TLS / SPF / DKIM / DMARC
Sender authorization (6.1.8) Yes TLS / SPF / DKIM / DMARC
Confidentiality Data confidentiality (6.1.9) Yes AES256
Access confidentiality (6.1.10) Yes eIDAS “Substantial” and “High”
Communication confidentiality (6.1.11) Yes TLS / DANE
Legal basis for transmission (6.1.12) No Transmission basis is determined by the sender
International ad-hoc message traffic (6.1.13) Yes EU-based
Usability Continuity of ad-hoc messaging – replies (6.1.14) Yes ESMTP
Continuity of ad-hoc messaging – forwarding (6.1.15) Yes ESMTP
Security as convenience (6.1.16) Yes ESMTP
Readability (6.1.17) Yes ESMTP
Own copy (6.1.18) Yes ESMTP
Interoperability File integration (6.1.19) Partial An API is available
Multi-channel communication (7.2) Yes NTA 7516 Certified

REST API

Developer portal ›

SecuMailer has a REST API for sending secure emails. Both the GDPR and the NTA 7516 functionality are fully accessible via this API.

The API is documented with OpenAPI specification 3.0.1.

The REST API has webhook functionality, which means that the SecuMailer platform can communicate email events with an HTTPS endpoint of the sender.

SMTP API

The SMTP API is usually the simplest integration option for many backend applications because backend applications often have a provision for an SMTP client on board.

We have successfully integrated for customers with Salesforce, SAP and Centric. We have also successfully integrated with patient file systems such as Medisoft Dossier Manager.

GraphQL API

The SecuMailer platform offers insight into email events. This can be done on the basis of a (push) webhook call (see REST API above) and on the basis of a (pull) GraphQL endpoint.

Get a Demo

Name(Required)

Contact Sales

Your Name(Required)

Data Loss Prevention

Smart protection against data leaks without extra effort

Human error remains the number one cause of data breaches. Think of accidentally sharing social security numbers, medical records, or customer details. With SecuMailer’s Data Loss Prevention (DLP), these risks are avoided automatically, intelligently, and policy-driven.

Try DLP now
Contact us
Data Loss Prevention

Reduce data breach risk

Prevent sensitive information from leaving the organization by mistake.

Stay compliant

Meet regulations like GDPR and NTA 7516 without extra user effort.

Stay in control

Decide how sensitive information is handled and secured, based on clear policies.

Why DLP

How Data Loss Prevention works

Emails and attachments are automatically scanned for sensitive content such as IDs, account numbers, or medical data. A Probability Density Function model evaluates the frequency and combination of terms to identify risks. Natural language processing analyzes the tone and context of the message to detect sensitive or negative content.

Based on the risk assessment:

Security levels are upgraded (for example, automatic 2FA in line with NTA 7516).
Messages may be blocked, with clear feedback to the sender.
Alerts can be sent to the internal security team for escalation.

Why Choose SecuMailer’s DLP

SecuMailer’s DLP applies situational security: the right protection at the right time, without disturbing the user. Unlike many solutions that expect employees to choose a security level themselves, often leading to errors and frustration. SecuMailer automates this process. Sensitive content is detected, the right measures are applied instantly, and the system continues to learn from behavior while remaining fully manageable through organizational policies.

Privacy officers

gain insight and control

Security teams

get context-based signals and stay in charge

Healthcare

Users

work without distraction, confident they can’t cause data leaks.

Excecutives

Executives

meet compliance requirements and avoid fines or reputational damage..

How does DLP work?

Step 1

The user sends an email like a regular email.

Step 2

The system automatically scans the content and attachments for sensitive information.

Step 3

Smart analysis (patterns, context, and tone) determines whether there is a potential risk.

Step 4

Based on the risk, the system applies the right action: strengthening security, blocking the email with feedback, or alerting the security team.

Want more technical detail?

Plan Technical Demo

Ready to see it in action?

Want to discover how SecuMailer’s DLP prevents data loss without slowing down communication?
Book a live demo with one of our experts, or contact our team to discuss your requirements.

Get a free demo

See how easy secure emailing can be
Get a free Demo

Prefer to talk first?

We’ll help you explore your best-fit integration.
Talk to our team