The use-cases must keep record of all system security events.
GDPR. Art. 33: Notification of a personal data breach
to the supervisory authority.(5)
The controller shall document any personal data breaches,
comprising the facts relating to the personal data breach,
its effects and the remedial action taken.
HIPAA Security Rules 164.312(a)(2)(ii):
Emergency Access Procedure: Establish (and implement as needed)
procedures for obtaining necessary electronic protected health information
during an emergency.
Ready to start with Fluid Attacks?
Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.