The UK healthcare market is known for its stringent data privacy and security standards, such as the NHS Data Security and Protection Toolkit (DSPT), Digital Technology Assessment Criteria (DTAC), and Cyber Essentials. Even for British digital health solutions, complying with these regulations can be challenging, let alone for non-UK entities seeking to enter the market. While several European countries such as Germany, Spain, and Belgium have strict regulations for deploying digital health innovations, the complex and intricate nature of the NHS often demands specialised knowledge to navigate successfully. This situation creates a significant barrier for EU organisations entering the UK market.

Established in 2014 by Prof. Dr. Theo Wiggers and a team of professionals, Incision is an established EU healthcare scale-up dedicated to broadening access to high-quality surgical education globally. Its specialised SaaS e-learning platform and apps deliver cost-effective and scalable surgical training to over 200 universities, hospitals, and surgical teams worldwide, covering everything from fundamental surgical concepts to advanced topics like core anaesthetic principles and infection prevention strategies.

Incision planned to expand its presence in the UK healthcare market but encountered the obstacle of navigating the complex compliance landscape of the NHS. To successfully achieve this, Incision needed a solution that could both guide them through the intricate compliance journey and seamlessly integrate with their existing operations. Furthermore, the solution had to be cost-effective, provide good value for money, and allow Incision to maintain its current momentum without disrupting its ongoing activities.

Incision opted for Naq's automated healthcare compliance platform to effectively navigate the complexities of NHS healthcare compliance. Naq's platform streamlined the journey towards meeting critical frameworks critical to supply the NHS, such as the NHS Data Security and Protection Toolkit (DSPT) and Cyber Essentials, providing Incision with a clear overview of the necessary steps for compliance. In addition to a comprehensive overview of Incision's NHS compliance posture, Naq's platform has provided a thorough view of its cybersecurity status, simplifying internal device security management and the delivery of company-wide security training, an essential component of the NHS DSPT. 

In addition to the platform, Naq's expert compliance team supported Incision through navigating some of the intricacies of entering the UK healthcare market, including support with due diligence questionnaires. The combination of Naq's automated platform and expert support allowed Incision to efficiently meet the NHS's stringent standards, offering substantial value and negating the need for external consultants.

Edward Jack, IT Manager, Incision, commented on the Naq solution: "Naq provided us with outstanding service to prepare us for and enable us to meet the complex cyber security regulatory requirements for the NHS. 

Their help with internal device security management was invaluable in improving our security posture and capabilities. Expert advice and brilliant support guided us through this complex process very smoothly."

The partnership with Naq enabled Incision to meet the NHS DSPT and Cyber Essentials frameworks, marking a significant step in their venture into the UK healthcare sector. For Incision, attaining compliance was more than just fulfilling a checklist; it represented a deep-seated commitment to the highest data privacy and security standards, with an ongoing pledge to maintain these critical standards. 

Ritsaart van Montfrans, CEO, Incision, commented: As a fast-growing company with high standards for quality, we needed a partner with a broad range of expertise that offered excellent value for money. Naq continues to deliver on both fronts."