Young hacker smiling

We hack your software

zero false positives

Expert intelligence + specialized technology

REQ.214 Allow data destruction

This document contains the details of the security requirements related to the definition and management of mobile devices in the organization. This requirement establishes the importance of managing remote data destruction on mobile devices containing sensitive information.

Requirement

The mobile device must allow remote data destruction in case of loss.

References

  1. HIPAA Security Rules 164.310(d)(2)(i): Disposal: Implement policies and procedures to address the final disposition of electronic protected health information and/or the hardware or electronic media on which it is stored.

  2. HIPAA Security Rules 164.312(e)(2)(i): Integrity Controls: Implement security measures to ensure that electronically transmitted electronic protected health information is not improperly modified without detection until disposed of.

  3. OWASP-ASVS v3.1-9.11 Verify that sensitive information maintained in memory is overwritten with zeros as soon as it no longer required, to mitigate memory dumping attacks.


Service status - Terms of Use