hipaa-compliance
Safeguard articles tagged "hipaa-compliance" — guides, analysis, and best practices for software supply chain and application security.
7 articles
HIPAA requirements and application security
HIPAA's Security Rule ties ePHI protection to application security, but scanner tools like Checkmarx rarely map findings to 45 CFR safeguards. Here's what compliance teams actually need.
HIPAA application security validation testing
A 2025 HHS rule proposes fixed testing cadences for HIPAA. Heres what security testing requirements demand now, and how Safeguard closes the gaps Veracode leaves.
HIPAA compliance in software development
HIPAA compliance in software development means encryption, access logging, and vulnerability management baked into the SDLC — not paperwork. Here's what engineers must build.
HIPAA compliance requirements for covered entities
What covered entities actually need under HIPAA's Privacy, Security, and Breach Notification Rules—and why compliance dashboards alone won't satisfy an OCR audit.
HIPAA compliance and software composition analysis for he...
HIPAA doesn't name software composition analysis, but auditors increasingly expect it. Here's how healthcare teams use SCA to manage third-party risk and protect ePHI.
Securing electronic health record (EHR) software supply c...
How the Change Healthcare breach, weak EHR vendor risk management, and exposed HL7 FHIR APIs turned healthcare's software supply chain into its biggest security gap.
Third-party risk management for telehealth platforms
A six-step playbook for telehealth vendor risk management: inventory PHI flows, tier HIPAA business associate risk, run SCA on vendor SDKs, and monitor continuously.