NTA 7516: who, what, where


25 February 2021

How can you apply the NTA 7516 with the ease of regular emailing?

Does the recipient of your mails have to make an effort to find, open and read them? Then more than half of your messages will be lost. And that while they are so important! In this way, data protection easily overshoots its target.

With SecuMailer you can email in the most secure way so that your messages arrive directly in the recipient’s mailbox. That seems so logical, but it is still unique: Secure mailing with the greatest ease for both the sender and the recipient? SecuMailer is the first and only one to make this possible!

Who, what, where of the NTA 7516

  • Who: Professionals who send emails with personal health information.
  • What: Digital security requirements to guarantee privacy and doctor confidentiality in emails.
  • Where: Just in your mailbox and during email traffic.
  • Why: To prevent the leaking of personal data.
  • When: When you send an email.
  • How: With the smart security of SecuMailer that you will not even notice.

Are you crazy about all those pick-up messages in your email?

In recent years, a lot of electronic information has been exchanged in portals in healthcare. This was necessary because e-mail traffic could not be sent securely. A logical step was to also place messages intended for patients in a portal. Here, both the patient or another healthcare professional can click to the portal via a pick-up message and then view the message with an extra code or password. Very difficult often, and sometimes even impossible. Just think of my message box from the government, that is never a pleasant experience.

The good news is: This is no longer necessary.

By choosing SecuMailer you prevent that the security of email is perceived as “hassle” by the recipients. The use of portals, file share servers and / or local plug-ins is not necessary with SecuMailer. This gives you a solution that resembles the “normal” way of emailing as much as possible, but with the guarantee of encrypted delivery.

Many organisations are now looking at a portal solution for secure e-mailing because they have seen this before. However, the major disadvantages for the recipient and the great burden on their own IT environment are good reasons to consider the modern solution for secure emailing without retrieval messages and portals.

But how do you do that with the professional secrecy of the (care) professional?

The doctor’s oath was introduced in the Netherlands in 1878 and since then it is already good practice that medical information does not just end up with the wrong person. Nothing new, therefore, that medical data cannot just be sent by email. The healthcare professional must first establish that the recipient is entitled to the information.

The first time a patient comes to a doctor, he has to register. The citizen service number is recorded, the identity is checked with an official proof of identity and the address details are put in the medical file. After that, you really don’t have to show your passport to your doctor every time.

Two Factor Authentication. Maximum 4 times a year

For confidential emails, establishing the recipient’s identity can be done in the following way. The healthcare professional (or at least the organisation) has the recipient’s email address and telephone number. You can then check the identity of the recipient by a combination of an e-mail and a message to the telephone.

From that moment on it has been carefully demonstrated that the recipient is who he says he is and can be securely reached via the e-mail address. All emails can then securely reach the recipient’s mailbox. After 90 days it is again necessary to send a combination of email and message on the phone again.

Legal framework

Since May 2020, there are new rules for secure emailing with personal health information. These are laid down in the NTA 7516 for secure emailing in healthcare. These rules are based on the following legal frameworks:


Privacy legislation that requires sufficient technical and organisational measures to be taken to prevent confidential data from falling into the wrong hands. Email must be sent encrypted according to this law.


This is the law on the medical treatment agreement. The professional confidentiality of the healthcare professional is laid down in this.

Because these two laws are the basis of the NTA 7516, the NTA 7516 itself does not have to be a law, but the requirements are mandatory for everyone with medical confidentiality. Many local authorities and ministries will also work with the rules of the NTA 7516, because they also regularly need or send personal health information.

Requirements Forum Standardisation:

The open standards for secure digital internet traffic that the forum imposes standardisation on (semi) governments have also been applied in the NTA 7516 requirements. This is another reason why many municipalities and ministries want to apply the NTA 7516 standard for secure e-mailing.

Unknown, unloved.

As initiator for the NTA 7516, SecuMailer has a very smart solution for secure emailing that ensures that both the recipient and the sender can continue to email effortlessly.

Do you want to know if the NTA 7516 is necessary for you? Please contact Yvonne Hoogendoorn via the SecuMailer website.

SecuMailer, send and receive with the greatest ease.