With respect to security and controls, web or mobile application security is essestial to HIPAA compliance. The HIPAA compliance requirements apply to all the systems that maintains or processes electronic Personal Health Information (ePHI). As required with most data security initiatives, we enforced necessary policies and processes in the following areas: User authentication, Password management, Access controls, Input validation, Secure data storage and transmission, Logging, Monitoring and alerting, Change management, Periodic security assessments and
