Bergman Clinics
Bergman Clinics has been working with Zivver since 2017. At the time, they chose a solution that met their need for secure communication in a medical context. What started as a choice for more secure e-mail has grown into a strategic pillar within their information security policy in the years that followed.
We are now years further. The requirements are stricter, the risks more complex, and the responsibility clearer. Healthcare organizations can and want to protect the sending of sensitive data as much as possible. In a dynamic working environment with thousands of healthcare professionals, this requires support that goes beyond just encryption.
In practice, it turns out that security incidents are more often caused by a small, human error – such as a wrong email address or too many people in cc – than by bad intentions. That is exactly where the power of modern Data Loss Prevention functionalities lies. Whereas in the past rules were mainly rigid and static, organizations like Bergman Clinics now use smart, contextual alerts — which really help in the moment of sending.
Zivver has invested heavily in this intelligence in recent years. Where rules used to be perceived as 'too simple', thanks to AI they are now able to weigh relevant context, analyse behaviour, and subtly but effectively identify risks.
"We see it immediately reflected in the figures," says Johnny de Jong, Manager ICT Special Services at Bergman Clinics. "As Bergman Clinics, we send more than 100,000 e-mails per month. Everyone knows that mistakes are made where people work. But that is precisely why it is so important to support employees with smart decision support. Zivver's smart alerts help us enormously with this. Because e-mail is used so intensively, there are a considerable number of situations in which we have prevented possible errors. That varies from misspelled addresses, incorrectly selected recipients by auto-complete, to emails with too many people in the TO field that should have been in the BCC field, or messages to someone's private address."
Bergman Clinics actively monitors the impact of the DLP functionalities. In one month alone, Zivver received from Bergman:
147 warnings for possible typos in email addresses, with the address being changed in 63% of cases.
39 alerts about too many recipients in ON or CC, after which employees switched to BCC in 44% of cases.
742 alerts for illogical combinations of recipients, of which 43% had one of the recipients actually customized.
138 warnings for sending to private addresses, where in 15% of the cases the user still decided not to send.
"That's hundreds of times a month that an employee decides differently than he or she planned — because the system thinks along," says Johnny. "And according to Zivver, our employees are already doing a lot better than average employees of a healthcare institution."
As far as Bergman Clinics is concerned, data breach prevention is no longer an optional luxury. Certainly not since the renewed NEN 7510 sets requirements for this type of active measures (chapter 8.12).
"The great thing is that Zivver not only helps to prevent mistakes, but also to show that we do that," Johnny continues. "The reports show where risks have arisen, how employees react, and what the effect of our investment is. That makes the conversation with compliance and directors much more concrete."
For Bergman Clinics, the renewed NEN 7510 was therefore not a reason to panic, but a confirmation that their approach is the right one. Smart prevention has become a prerequisite in an environment where thousands of emails are sent every day — often with medical data.
"The figures from Bergman Clinics clearly show how much risk you run if you don't use smart technology to help people make better choices," says Rick Goud, co-founder of Zivver. "We are talking about three to four potential incidents per employee per month. And we are talking about an organization where awareness and safety are already relatively high on the agenda. The potential impact is huge."
The collaboration between Zivver and Bergman Clinics is one of continuous improvement. What started with secure email has evolved into a smart, adaptive approach to risk management. And that's exactly what healthcare organizations need today: technology that not only protects, but also supports — in everyday life.
"As far as we are concerned, this has become indispensable, and it also fits in with our DNA to want to do better every day," concludes Johnny de Jong. "You can't expect thousands of people to always act flawlessly. But you can give them the right tools to do the right thing. That's where the real value of this collaboration lies."
Because information security in healthcare is not an IT project. It's a culture. And it starts with systems that support the right behavior — at the right time.
%20(1).jpg)
