Difference between revisions of "Technical Guidance"

From Cybersec Standards
Jump to: navigation, search
Line 12: Line 12:
 
==== Data Protection ====
 
==== Data Protection ====
 
* Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks
 
* Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks
 +
 +
== Healthcare Industry Security ==
 +
*[https://www.fda.gov/medical-devices/digital-health/cybersecurity FDA's guidance on cybersecurity for medical devices]
 +
* [[HIPAA Guidance]] for Healthcare industry data security guidance in the United States.
  
 
==== Mobile App Security ====
 
==== Mobile App Security ====

Revision as of 06:10, 25 July 2020

This is a collection of resources for implementing security controls in order to achieve compliance with data protection and privacy laws.

Technical Security Controls:

Access Control

Data Integrity

  • Securely implement transaction authorization to protect the transaction integrity

Data Protection

  • Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks

Healthcare Industry Security

Mobile App Security

Privacy Compliance:

Data Protection Impact Assessment (DPIA)

Privacy and Anonymity