KhadijaYaseen
Secure SDLC
1: Planning
potential security risks such as data breaches,
unauthorized access, and system vulnerabilities.
2: Requirements Analysis
Define specific access controls, authentication mechanisms, and
encryption requirements based on the identified security risks.
3: Design
Overall system architecture and design
4: Development
secure coding practices to mitigate common vulnerabilities such as SQL injection.
5: Testing
Static Analysis
Dynamic Analysis
Penetration Testing
6: Release
7: Maintenance
Regularly review and update security measures
SOC 2
SOC 2 report
HIPAA
Biggest Fine
$16 Million against Anthem
HIPAA COMPLIANT
Business Associates
Covered Entities
HIPAA Rules
Privacy Rule (Set Specific Standards): Limits and conditions on use and disclosure of PHI
Security (protection of EPHI)
Administrative Safeguard: Proper training
Physical Safeguard: Alarm, Locks, Cameras
Technical Safeguard: Firewalls, Encryption, Data Backups
Data Processor
processes personal data
Data Controller
why and how personal data is
processed.