Safeguard
Tag

phi

Safeguard articles tagged "phi" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Compliance & Frameworks

A HIPAA technical safeguards checklist for application security teams

HHS reported 663 large healthcare breaches in 2024 exposing 242.9M records. Here's how §164.312's technical safeguards map to concrete app-sec controls.

Jul 9, 20267 min read
Compliance

HIPAA Security Rule Update: What the 2026 Final Rule Will Require

HHS published the HIPAA Security Rule NPRM in January 2025. Finalization is on the agenda for 2026. Covered entities and business associates need to start work now.

May 20, 20266 min read
Regulatory Compliance

HIPAA and the Software Supply Chain in 2026

The HIPAA Security Rule has not changed, but OCR enforcement and the 2024 NPRM are reshaping what supply chain controls covered entities and business associates must demonstrate.

Mar 3, 20265 min read
Industry Analysis

Healthcare Supply Chain Security Baseline for 2026

What hospitals and payers should actually require from their software vendors in 2026: HIPAA-aligned controls, SBOM expectations, and the threats now hitting clinical environments.

Feb 11, 20266 min read
Regulation

HIPAA Security Rule NPRM: Encryption, MFA, and the End of 'Addressable'

OCR's December 27, 2024 NPRM removes the addressable/required distinction and mandates encryption, MFA, semi-annual vulnerability scans, and annual penetration tests for ePHI.

Feb 25, 20256 min read
Compliance

HIPAA and Software Supply Chain Compliance for Health Tech

HIPAA's Security Rule requires safeguards that extend to software dependencies. Here's what health tech developers and vendors need to address.

May 25, 20236 min read
phi — Safeguard Blog