Difference between revisions of "Technical Guidance"

From Cybersec Standards
Line 1: Line 1:
This is a collection of resources for implementing security controls in order to achieve compliance with data protection and privacy laws.
+
This is a collection of external resources for implementing security controls in order to achieve compliance with data protection and privacy laws.
  
 
=== Technical Security Controls: ===
 
=== Technical Security Controls: ===
Line 15: Line 15:
 
== Healthcare Industry Security ==
 
== Healthcare Industry Security ==
 
*[https://www.fda.gov/medical-devices/digital-health/cybersecurity FDA's guidance on cybersecurity for medical devices]
 
*[https://www.fda.gov/medical-devices/digital-health/cybersecurity FDA's guidance on cybersecurity for medical devices]
* [[HIPAA Guidance]] for Healthcare industry data security guidance in the United States.
+
* [https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/index.html HIPAA Guidance Materials at U.S. Department of Health & Human Services website]
  
 
==== Mobile App Security ====
 
==== Mobile App Security ====
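
Review bot: The added HIPAA bullet in this hunk is written "* [" with a space after the asterisk, while the FDA bullet directly above it is written "*[" with none; use one form for the whole list. The replacement also drops the internal [[HIPAA Guidance]] link, so if that wiki page still exists, consider keeping it next to the HHS link so it stays reachable from this page.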

Revision as of 06:12, 25 July 2020

This is a collection of external resources for implementing security controls in order to achieve compliance with data protection and privacy laws.

Technical Security Controls:

Access Control

Data Integrity

  • Securely implement transaction authorization to protect transaction integrity

Data Protection

  • Implement least privilege: restrict users to only the functionality, data and system information required to perform their tasks

Healthcare Industry Security

Mobile App Security

Privacy Compliance:

Data Protection Impact Assessment (DPIA)

Privacy and Anonymity