Hacker News new | ask | show | jobs
by notesinthefield 124 days ago
HIPAA is one of the few that makes clear the types of data (PHI and PII) that come under the frameworks purview during development which makes masking mandatory for non-production environments. Other frameworks families, NIST RMF, FedRAMP and CMMC very much care about software development practices in depth.
1 comments
raw_anon_1111 123 days ago
But do they care whether your code was shared with a third party?
link
notesinthefield 123 days ago
Of course, is this a serious question?
link
cap11235 123 days ago
Is code personal information?
link
notesinthefield 123 days ago
My statement wasnt a literal reflection of software and data protection controls. Youre free to explore those mentioned.
link