REQ.214 Allow data destruction
The mobile device must allow remote data destruction in case of loss.
HIPAA Security Rules 164.310(d)(2)(i): Disposal: Implement policies and procedures to address the final disposition of electronic protected health information and/or the hardware or electronic media on which it is stored.
HIPAA Security Rules 164.312(e)(2)(i): Integrity Controls: Implement security measures to ensure that electronically transmitted electronic protected health information is not improperly modified without detection until disposed of.
OWASP-ASVS v3.1-9.11 Verify that sensitive information maintained in memory is overwritten with zeros as soon as it no longer required, to mitigate memory dumping attacks.