1. Expansion of the audit scope to include 3fifty
This year, for the first time, 3fifty has been included within the Databalance audit scope. An important milestone in the further integration of our organizations.
By bringing 3fifty within the same scope, we:
- harmonize processes and controls;
- ensure a uniform approach to quality and security;
- strengthen our joint governance.
By working from a single shared management system and audit cycle, we ensure that the same level of quality, information security and control is pursued across the entire Databalance group. Regardless of which entity clients engage for services, they can count on a consistent way of working and the same high level of control and assurance.
2. Upgrade to NEN 7510:2024
This year, Databalance is making the transition from the previous NEN 7510:2017 standard to the current NEN 7510:2024.
NEN 7510 is the Dutch standard for information security in healthcare and is closely aligned with international standards such as ISO 27001.
With the upgrade to the new version, we have further aligned our practices with the way we already work from an ISO 27001:2022 perspective. This upgrade ensures that our security approach demonstrably aligns with current legislation, technologies, threat landscapes and developments within the digital landscape. For healthcare organizations and other clients in regulated sectors, this is essential.
3. From three ISAE statements to one joint statement
Where we previously had three separate ISAE statements, this year we are taking the step towards one joint ISAE statement for Databalance, with the exception of 3fifty.
ISAE 3402 is an international assurance standard through which independent auditors assess whether internal controls are effectively designed and operating as intended.
By consolidating into one statement, we:
- simplify the reporting structure;
- create greater transparency for clients and auditors;
- strengthen the positioning of Databalance as one integrated organization.
his step emphasizes the organizational integration and strengthens our positioning as one Databalance.
Compliance and governance
Compliance and information security at Databalance are not a point-in-time exercise, but structurally embedded in our architectures, management processes and governance. The audit week is therefore not a starting point, but a confirmation of an ongoing process of control and improvement.
What does this mean in practice? Regardless of where within the Databalance group you engage services, you can count on the same level of control, quality and information security. This also means demonstrable risk management, assurance of continuity and transparency towards regulators and stakeholders.
A full overview of our current certifications can be found on our Certifications page.
Moving forward as one Databalance
The expansion of the scope, the upgrade to NEN 7510:2024 and the consolidation of our ISAE statements underscore our continued integration and professionalization.
Not as an audit obligation, but as a integral part of the way we organize our services.