Digitale Kliniek
Building a NEN 7510 Compliant SaaS to Replace SharePoint in 60+ Clinics
Key Result
60+ clinics migrated off SharePoint onto a single EU-hosted SaaS
The Client
Digitale Kliniek is a quality and safety management system used by Dutch independent treatment centres (ZBCs) to run the daily machinery of healthcare governance: documents, approvals, incident reporting, audit trails, and the ever-present compliance calendar. It is a registered trademark and the flagship product of BPO-Axsys, founded by Jan Albracht, a quality consultant who has personally guided multiple clinics through NEN 7510 certification.
For years, Digitale Kliniek lived on top of Microsoft SharePoint. It worked. It scaled to roughly sixty clinics. And then it stopped scaling, for reasons we will get to.
The Problem
The original product was a SharePoint template. Each new clinic received its own copy of the site, customised at onboarding, and then maintained in isolation. There was no shared codebase to update. Workflows were held together by eleven Power Automate flows that did everything from approval routing to review reminders. Onboarding a new clinic meant days of manual provisioning. Patching a bug meant patching sixty clinics.
The deeper problem was strategic. Jan had built a healthcare product on a stack that pushed against everything Dutch healthcare buyers were starting to demand: sovereign EU hosting, auditable access controls, NEN 7510 and NEN 7513 readiness, and a predictable SaaS pricing model rather than a one-off licence. SharePoint could be made to limp toward those things. It could not be made to win on them.
Jan came to Mape Media with a clear ask: rebuild Digitale Kliniek from the ground up as a true multi-tenant SaaS, hosted entirely inside the EU, compliant with NEN 7510 by construction rather than by accident, and capable of carrying both the existing sixty clinics and the hundreds he wanted to reach next. IP would stay 100% with BPO-Axsys. The business model would shift from licence sales to recurring revenue.
Our Approach
We treated this as three problems stacked on top of each other: a compliance problem, an architecture problem, and a migration problem. Each one had to be solved in a way that did not compromise the other two.
Phase 1: Compliance-First Architecture
Before writing application code, we locked the compliance foundations down. EU-only hosting and database infrastructure. A dedicated sending domain for transactional email with full DKIM, SPF and DMARC authentication. MFA on by default. Role-based access enforced at the database layer through Row Level Security on every clinical table. An append-only audit trail satisfying NEN 7513. Encryption at rest and in transit, zero US processing paths.
These choices were not aesthetic. They are the parts an auditor reads first.
Phase 2: The Document Lifecycle
The heart of Digitale Kliniek is the journey of a single protocol: drafted, edited, approved, published, scheduled for review, surfaced as a task when its review date arrives. We rebuilt this lifecycle as a first-class workflow, replacing eleven brittle Power Automate flows with code we could test and version. Documents are edited in a rich-text editor, serialised cleanly, rendered to PDF server-side with version, approver, hash and review-date metadata embedded in the file itself, and then published to each clinic's document library with automatic task creation for the next review cycle.
Phase 3: Multi-Tenant From Day One
Sixty existing clinics meant tenancy was not a v2 concern. Every table that touches clinical data is tenant-scoped, every query path is RLS-enforced, every file lives behind a tenant-scoped signed URL. The admin panel lets a clinic operator activate modules, manage users and roles, and configure approval workflows without us touching anything. Onboarding a new clinic stopped being a project and started being a form.
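The tenant scoping from Phase 3 and the append-only audit trail from Phase 1 can be sketched in PostgreSQL as follows. This is an added example, not Digitale Kliniek's own schema: the table names, the `app_user` role and the `app.tenant_id` setting are assumptions, and the tenant id is a constructed sample value.

```sql
-- Added example: table, role and setting names are assumptions, not the project's schema.
CREATE TABLE documents (
    id         bigserial PRIMARY KEY,
    tenant_id  uuid NOT NULL,
    title      text NOT NULL,
    status     text NOT NULL DEFAULT 'draft'
);
CREATE TABLE audit_log (
    id          bigserial PRIMARY KEY,
    tenant_id   uuid NOT NULL,
    actor       text NOT NULL,
    action      text NOT NULL,
    object_ref  text NOT NULL,
    occurred_at timestamptz NOT NULL DEFAULT now()
);

-- The application runs as app_user (hypothetical), a role without BYPASSRLS.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE ON documents TO app_user;
GRANT SELECT, INSERT ON audit_log TO app_user;  -- no UPDATE/DELETE: append-only
GRANT USAGE ON SEQUENCE documents_id_seq, audit_log_id_seq TO app_user;

ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents FORCE ROW LEVEL SECURITY;  -- the table owner is filtered too
ALTER TABLE audit_log ENABLE ROW LEVEL SECURITY;
ALTER TABLE audit_log FORCE ROW LEVEL SECURITY;

-- Fail closed: with app.tenant_id unset or empty the expression is NULL,
-- so no row is visible and no row passes the write check.
CREATE POLICY tenant_isolation ON documents
    USING (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);
CREATE POLICY audit_read ON audit_log FOR SELECT
    USING (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);
CREATE POLICY audit_append ON audit_log FOR INSERT
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Per request, inside one transaction (constructed sample tenant id):
BEGIN;
SET LOCAL ROLE app_user;
SELECT set_config('app.tenant_id', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO documents (tenant_id, title)
    VALUES ('11111111-1111-1111-1111-111111111111', 'Hand hygiene protocol');
INSERT INTO audit_log (tenant_id, actor, action, object_ref)
    VALUES ('11111111-1111-1111-1111-111111111111', 'j.doe', 'document.create', 'documents:1');
SELECT count(*) FROM documents;  -- counts only rows belonging to the current tenant
COMMIT;
```

Because the audit policies cover only SELECT and INSERT and the role holds no UPDATE or DELETE grant, an attempt to alter or remove an audit row as `app_user` is rejected by the database rather than by application code.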
What We Built
- Document management with in-browser editing, versioning, and metadata
- Approval workflow with PDF generation and automatic publication
- Incident reporting module with self-service admin configuration
- Role-aware task dashboard for approvals, incidents and document reviews
- Full admin panel for clinic, user, role and module management
- Multi-tenant database architecture with Row Level Security on every table
- MFA, RBAC, NEN 7513 audit logging, encryption at rest and in transit
- EU-only infrastructure with a dedicated sending domain for notifications
- Migration tooling and runbooks for moving clinics off SharePoint
The Result
Digitale Kliniek sits at the higher end of the Dutch SMB AI investment patterns we track: a sustained custom build rather than a tooling subscription. The payoff is in operational throughput. Digitale Kliniek now runs as a single multi-tenant SaaS instead of sixty isolated SharePoint sites. Onboarding a new clinic dropped from two or three days of manual provisioning to under twenty minutes through the admin panel. The eleven Power Automate flows are gone, replaced by workflows an engineer can read, test and reason about. Document approval cycles that used to take days now close in hours. Support tickets per clinic per month fell by roughly 45% in the first quarter after migration. Every document, approval, incident and access event is logged in a way that survives a NEN 7510 audit. And BPO-Axsys now has the recurring-revenue, IP-owned, EU-hosted platform it needs to chase the rest of the Dutch ZBC market.
"I have worked with software builders for twenty years and I have never experienced anything like this. Mape Media understood Digitale Kliniek deeper than I expected, and then they built exactly what I had in my head, faster than I thought was physically possible. The platform finally feels like the product I always wanted it to be."
Jan Albracht, Founder, BPO-Axsys
Technology
- React (Next.js): single framework for the UI and the API surface, fast to ship and easy to host.
- PostgreSQL with Row Level Security: EU-hosted, tenant-isolated database with managed auth and MFA.
- Rich-text document editor: a serialisable, extensible editor purpose-built for the document approval lifecycle.
- Server-side PDF rendering: full control over embedded metadata (version, approver, review dates).
- EU-resident transactional email: dedicated sending domain with full authentication (DKIM, SPF, DMARC).
- EU-only hosting: zero-config deployments with preview environments for every change.
- Private source control: IP stays with the client, full version control from day one.
