HIPAA compliance and static code analysis
The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that specifies security and privacy requirements for securing the protected health information (PHI) of patients.
HIPAA security rules cover all aspects of guarding PHI — it’s broader in scope than just software security. Compliance with HIPAA includes having administrative processes, physical barriers, and technical safeguards in place to keep PHI from being exposed. Some of the technical safeguards that are mandatory under HIPAA related to software security include access control, audit controls, integrity controls, and transmission security.
Klocwork static code analysis helps organizations achieve HIPPA compliance with its requirements pertaining to software, from medical devices to patient health care information systems. Klocwork identifies hundreds of the most common ways that your application and data may be compromised by a malicious entity.
