JavaScript is disabled. Please enable to continue!
Compliance >> Security Audit >> VIPP Audit

VIPP Audit

Sidebar Image

What is VIPP?

The VIPP is a compliance regime for the Netherlands.

VIPP is an implementation program that helps hospitals and healthcare institutions to give the patient access to his medical data. VIPP connects with existing national standards when it comes to exchanging information between patients and care providers. The program makes it possible for healthcare institutions that participate in the program to accelerate the implementation of these standards over the next three years.

What does a VIPP audit deliver?

The Netherlands Ministry of Health, Welfare and Sport has established a policy framework for the subsidization of VIPP in consultation with the Dutch Association of Hospitals (NVZ). VIPP consists of two parts with multiple modules. To qualify for a VIPP subsidy, it must be independently established that the relevant goals have been achieved per module. A hospital or healthcare institution can have an IT audit carried out by a Registered EDP-Auditor (RE).

The design of a VIPP audit

The test can be requested for one or more modules at once, as long as they fall within the timeline of the modules. The test determines at the end of the test period whether the conditions of the subsidy scheme have been met.

The test has to be conducted According to Guideline 3000 of NOREA. The object of investigation is the design and operational effectiveness of data processing with the help of the modules developed by, or used by the hospital. A control framework has been drawn up for carrying out the audit, in which the conditions for the subsidy have been elaborated.

Benefits of a VIPP audit by Qbit

  • Delivering a high level of consumer / customer confidence
  • One single point of contact for all steps - making communications simple 
  • The ease of working with an established leader in cyber security


Contact us for more information