Application design often comes down to a discussion between what is required and what is essential. For healthcare applications, it is extremely important to balance these decisions when you know your application will host PHI.
PHI stands for Patient Health Information, and it is the most important and crucial data that needs to be protected. PHI can be anything that contains Patient Health Information, be it medical reports, specific application screens or PHI available for research use in the public domain. There are guidelines for the de-identification of such datasets when they are used in the public domain.
However, I will try to keep my post specific to functional and non-functional needs. Here are some of the important aspects that we pick up while meeting the security aspects of a system –
At the hosting server level, various provisions are made to ensure the application hosting environment is physically secured and sufficiently protected against malware attacks and vulnerabilities.
Apart from these, we have also been using ethical hackers to perform independent security testing that takes care of all the risks and vulnerabilities.
In my next blogs, I will try to elaborate on a specific scenario with some more examples! Stay tuned…