Synopsys Software Integrity Group is now operating as Black Duck Software, Inc., a subsidiary of Synopsys. Click to learn more.

close search bar

Sorry, not available in this language yet

close language selection

Secure Development for Healthcare

Course Description

This course presents the current compliance landscape for building applications for the healthcare sector. Health information is the most sensitive and critical category of personal data. This course outlines the requirements for protecting health information that are either defined by legal and compliance frameworks or established as best practices. It focuses on requirements for authentication, authorization, and access control, and also presents requirements for encryption and data integrity that were brought about by legislation such as HIPAA and the HITECH Act. It also covers the requirements for breach detection and notification. The course concludes with requirements for developing software for medical devices and deploying them in a healthcare provider.

Learning Objectives

  • Understand the main legal and compliance frameworks for healthcare and the requirements they bring to developing applications
  • Identify personal health information and implement security controls to adequately protect it
  • Implement best practices regarding authentication and controlling access to health information
  • Understand the requirements for breach notification
  • Describe the security and privacy requirements when developing software for medical devices and subsequently deploying them in a healthcare provider

Details

Delivery Format: eLearning

Duration: 1 Hour

Level: Beginner

Intended Audience:

  • Architects
  • Back-End Developers
  • Enterprise Developers
  • Front-end Developers
  • Mobile Developers
  • QA Engineers

Prerequisites: None

Course Outline

Challenges of Developing Healthcare Applications

  • Severity of the Problem
  • Current Challenges for Software Developers in the Healthcare Sector

Legal and Regulatory Compliance in the Healthcare Industry

  • Introduction to Compliance Frameworks for Healthcare
  • Significant Regulations for Cyber Security Requirements in the Healthcare Sector
  • Applicability
  • Applicability Continued
  • Patient Rights
  • Requirements for Software Developers
  • When to Include Software Security
  • Requirements for Purchasing Medical Equipment
  • Requirements for Mobile Applications

Health Information Protection

  • Definitions
  • Data Protection and Encryption
  • Data Integrity
  • Data Recovery and Disposal

Securing Healthcare Applications

  • Authentication and Authorization
  • Access Control
  • Auditing and Logging
  • Breach Detection and Notification

Medical Devices Security

  • Compliance for Medical Devices
  • Security for Medical Devices

Deployment Best Practices

 

Training

Developer Security Training

Equip development teams with the skills and education to write secure code and fix issues faster