Apple Registration Guide for Health Records
- Welcome
-
- Keep your information up to date
- Update contact information
- Update how a listing is displayed
- Update location information
- Update brand information
- Update names or URLs for a FHIR API endpoint
- Add a FHIR API endpoint
- Suspend patient access
- Remove a FHIR API endpoint
- Switch EHR vendors or update Identity Providers
- Upgrade your FHIR version from DSTU2 to R4
- Claim your healthcare organization
- Report a problem
- Report a security incident
- Request logs
-
- Technical requirements and specifications for Health Records
- Technical requirements and specifications for Health app data Share with Provider
- Health Records Directory Listing FAQ
- Requirements in the Health Records Directory Listing Agreement
- Health app data Share with Provider FAQ
- OAuth guidelines
- Vendor-specific guidelines for Health Records
- Vendor-specific instructions for Health app data Share with Provider
-
- Intro to the privacy and security of Health app data Share with Provider
- Key terms and definitions
- How Apple protects the privacy and security of End-User Data
-
- Intro to Apple’s security program for HIPAA Covered Services
- Data integrity and transmission security
- Security management and governance
- Information access management and authentication
- Threat management and incident response
- System hardening
- Network security
- Contingency planning
- Facilities security and environmental controls
- Workstation and device security
- Audit controls: Logging processes and pipeline
- Attachment A: Apple’s HIPAA Covered Services for healthcare organizations
- Copyright
System hardening
Baseline hardening configurations help drive consistency in the operational environment and provide assurances that systems are built using approved software—all while minimizing the attack surface for a potential malicious code event to exploit.
Security-approved tools for malicious software detection are default requirements in configuration baselines. These tools provide detection, monitoring, and alerting of potential security events and can prevent malicious code from executing. They include defined integration paths to enterprise monitoring and event management capabilities, allowing the information security team to aggregate events across the environment, invoke incident response actions, and support forensics investigations.
شكرًا على ملاحظاتك.