build 2.4.5 · aes-256-gcm / ml-kem-768 · eu/de · ram only
REGULATED · NEN 7510 · GDPR

Healthcare data delivery, NEN 7510 compliant.

Patient records, lab results, imaging studies. NEN 7510 requires encrypted transit with access logging. Every email, every shared drive, every USB is a compliance event waiting to happen.

The problem

The gap in clinical data exchange.

Dutch healthcare organizations routinely exchange patient data between systems that don't interoperate. HL7/FHIR covers in-system messaging; it doesn't cover the file that needs to travel from radiology to a referring specialist outside the hospital network. That file travels by email, by WeTransfer, by USB. Each of those channels stores a copy. NEN 7510-1 Article 14.1.1 requires confidential transmission; Article 15.1.3 requires a traceable access log. Most ad-hoc channels satisfy neither.

GDPR adds a second layer: a breach on any of those intermediate channels is a reportable incident to the AP. Healthcare organizations carry the highest per-record breach cost of any sector precisely because the data is both sensitive and legally regulated. A single misdirected email with a patient file is at once a reportable GDPR breach, a NEN 7510 non-conformance, and a reputational event.

What Paramant adds

End-to-end encryption with a compliant audit trail.

ParaShare encrypts the patient file with ML-KEM-768 + AES-256-GCM before it touches the relay. The relay holds only an opaque ciphertext. The recipient's browser decrypts locally. After pickup, the relay wipes the ciphertext from RAM. A signed receipt (ML-DSA-65, FIPS 204) records which file was delivered, to which recipient, and at which time. That receipt is the NEN 7510 Article 15.1.3 access log.

The relay runs on Hetzner DE. EU jurisdiction, no US CLOUD Act exposure, no data leaving the EEA. A pre-signed GDPR Data Processing Agreement is available on Business and Enterprise plans.

Workflow

How a secure transfer works.

01. Clinician or admin uploads the patient file via ParaShare (web or CLI)
02. Paramant encrypts end-to-end — only the recipient can decrypt; relay sees only ciphertext
03. Recipient receives a one-time delivery link via the channel of your choice (email, secure message)
04. After download, the ciphertext is wiped from relay RAM — no retention, no copy
05. Both parties receive an ML-DSA-65 signed receipt logged to the Paramant CT log

Compliance

NEN 7510 and GDPR mapping.

| Requirement | Paramant control |
| --- | --- |
| NEN 7510-1 Art. 14.1.1 — Encrypted transit | ML-KEM-768 + AES-256-GCM end-to-end; relay cannot decrypt |
| NEN 7510-1 Art. 14.1.4 — Access control | Burn-on-read: one authorised download, then the ciphertext is gone |
| NEN 7510-1 Art. 15.1.3 — Audit trail | ML-DSA-65 signed receipt: file hash, recipient, timestamp, CT log entry |
| NEN 7510-2 Art. 12.3 — Data minimisation | RAM-only relay; no persistent storage of patient data |
| GDPR Art. 32 — Technical measures | FIPS 203/204 encryption, EU/DE hosting, no US CLOUD Act |
| GDPR Art. 28 — Processor agreement | Pre-signed DPA available on Business and Enterprise plans |

See also: full NEN 7510 compliance guide and Data Processing Agreement.

Ready for your first compliant transfer?

Business and Enterprise plans include a pre-signed NEN 7510 DPA. Start free, upgrade when your compliance officer asks.
