Safeguard
Tag

healthcare-security

Safeguard articles tagged "healthcare-security" — guides, analysis, and best practices for software supply chain and application security.

11 articles

Compliance

The HIPAA Security Rule for Software Teams: Safeguards, Structure, and Change Ahead

The HIPAA Security Rule is technology-neutral by design, but its administrative, physical, and technical safeguards translate into concrete engineering work. Here's how the rule is structured and how a proposed 2025 overhaul could tighten it.

Jul 4, 20266 min read
Compliance

HIPAA compliance for developers: securing the software supply chain

HIPAA does not name your open source dependencies, but its Security Rule holds you responsible for them. Here's what developers building health-tech actually need to do.

Jul 2, 20266 min read
Compliance

HIPAA requirements and application security

HIPAA's Security Rule ties ePHI protection to application security, but scanner tools like Checkmarx rarely map findings to 45 CFR safeguards. Here's what compliance teams actually need.

Jun 25, 20267 min read
Threat Intelligence

Ransomware vs. Hospitals: The 2026 Healthcare Surge and the Push to Call It Terrorism

Healthcare ransomware dipped in volume in May 2026 but kept climbing in impact, and a former FBI cyber chief is asking Congress to treat hospital ransomware as terrorism. We weigh the policy debate against what actually protects patients.

Jun 20, 20267 min read
Compliance

HIPAA application security validation testing

A 2025 HHS rule proposes fixed testing cadences for HIPAA. Heres what security testing requirements demand now, and how Safeguard closes the gaps Veracode leaves.

Jun 18, 20268 min read
Compliance

HIPAA compliance in software development

HIPAA compliance in software development means encryption, access logging, and vulnerability management baked into the SDLC — not paperwork. Here's what engineers must build.

May 12, 20266 min read
Regulatory Compliance

HIPAA compliance requirements for covered entities

What covered entities actually need under HIPAA's Privacy, Security, and Breach Notification Rules—and why compliance dashboards alone won't satisfy an OCR audit.

Mar 20, 20266 min read
Software Supply Chain Security

Software supply chain security for medical devices

How FDA premarket cybersecurity rules, medical device SBOMs, and firmware vulnerabilities like Ripple20 and SweynTooth are reshaping supply chain security for connected medical devices.

Jan 3, 20267 min read
Regulatory Compliance

HIPAA compliance and software composition analysis for he...

HIPAA doesn't name software composition analysis, but auditors increasingly expect it. Here's how healthcare teams use SCA to manage third-party risk and protect ePHI.

Jan 2, 20267 min read
Buyer's Guides

Buyer's guide: selecting an SBOM tool for medical device ...

A buyer's guide comparing SBOM and SCA tools for medical device makers navigating FDA cybersecurity requirements, with honest vendor strengths and limitations.

Jan 1, 20268 min read
Compliance

HIPAA and Third-Party Software Components: A Developer Guide

HIPAA never mentions npm, but a vulnerable dependency in an ePHI system is a Security Rule problem. How risk analysis, patching, and BAAs map to your dependency tree.

Jun 23, 20246 min read
healthcare-security — Safeguard Blog