The organization must generate a threat model for the system, identifying all potential threats and covering the STRIDE categories (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege).

HIPAA Security Rule 164.308(a)(1)(ii)(A), Risk Analysis: Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.

HIPAA Security Rule 164.310(a)(2)(ii), Facility Security Plan: Implement policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft.

A threat model for the application and the associated remote services has been produced that identifies potential threats and their countermeasures.