2. Being aware of common vulnerabilities related to application development and how to prevent them by writing good code and testing it on a frequent basis.
3. Being aware of application development guidelines in order to comply with HIPAA requirements and security best practices. An important aspect is to ensure any protected health information (PHI) that is collected, modified, and displayed by a customer application is properly logged.
4. Complying with HIPAA business end requirements such as maintaining an up-to-date set of policies and procedures and conducting an annual internal risk assessment.