Security Requirements for Medical Applications [closed]

4

6

I'm doing research on coding requirements for medical applications, but I can't find anything useful or structured. Basically, I'm looking for a structured document (if possible, an XML file) with a list of security requirements. For example, what kind of encryption they should use, what features of the app should be disabled by default, what log info should be stored and how to store it, etc.

Of course, requirements can be different for different apps and companies; I just need some general information, if possible for the US.

Spitz answered 16/4, 2009 at 16:7 Comment(1)
I would really hope that no government would mandate any particular security, and it would be up to your company to decide how to do it... but judging by the first answer here, at least Australia has taken steps down that dangerous path. So depressing. - Kith
10

For the US, you can check out the HIPAA guide for web programmers.

Knotting answered 16/4, 2009 at 16:11 Comment(0)
7

HL7 is what you need.

Some links:

http://aurora.regenstrief.org/security/

http://www.hl7.org.au/docs/HL7-Sec.htm

Sacttler answered 16/4, 2009 at 16:10 Comment(0)
0

In addition, consider supporting the OWASP top ten.

Gracchus answered 19/4, 2009 at 0:41 Comment(0)
0

For your medical applications, are they specific to images? If so, you might refer to the DICOM 3.0 standard.

Here are some chapters for reference (what kind of encryption algorithms are to be used, which parts should be de-identified, etc.)

Guillot answered 29/7, 2011 at 4:19 Comment(0)
