Zorgdomein Integration: A Guide to Secure .NET and Azure Architecture

Dutch health data gets a “double lock” — commenters cry Azure can’t be trusted

TLDR: A Dutch healthcare integration uses a two-layer security setup (mutual TLS and special tokens) and converts data to a standard hospital format. Comments explode over whether Azure can be trusted in Europe, dismiss the write-up as fluff, and warn that US laws could allow access to the data, fueling cloud sovereignty fears about patient privacy.

The article promises a high-security hookup between Dutch healthcare and Zorgdomein, using a “double lock”: mutual TLS (a two-way digital handshake) and special JWT tokens (think digital badges that prove who you are). It also translates internal data to FHIR — a global medical data format — so hospitals can read it. But the crowd isn’t clapping.

The loudest chorus: Azure can’t be trusted in Europe. One commenter blasts, “Dutch + secure + azure = oxymoron,” while another insists US law could force Microsoft to hand over data without telling anyone. Others dismiss the write-up as fluff: “A lot of text without content” and “who’s upvoting this?” And then came the spicy jab about “Dutch healthcare… in India,” hinting at outsourcing fears and data sovereignty panic.

To be fair, the guide’s approach is serious — mTLS adds a second lock, JWT checks who’s allowed, and profile-aware FHIR mapping ensures Dutch-specific details (like national IDs and addresses) don’t break hospital rules. But the vibe in the comments is pure cloud drama: less “how did they secure it?” and more “who controls the keys?” Memes fly — padlocks on padlocks, double-lock? more like double-LOL — turning a technical deep dive into a referendum on trust, law, and patient privacy.

Key Points

  • The integration targets Zorgdomein, enabling bidirectional exchange between a SaaS platform and Dutch hospitals.
  • Security uses a “Double-Lock” model: mTLS at transport and specialized JWTs at the application layer.
  • IIS is configured to require client certificates and properly validate trust chains for mTLS.
  • Custom .NET JWT middleware extends JwtSecurityTokenHandler to validate non-standard claims and enforce contextual authorization.
  • Data is transformed from .NET POCOs to FHIR with HL7 NL profiles via a translation service using Hl7.Fhir.Net, including Dutch-specific extensions like BSN.

Hottest takes

“Dutch + secure + azure = oxymoron” — maybewhenthesun
“US law… means Azure can never secure your data from US agencies” — PeterStuer
“A lot of text without content” — juliusceasar