Developers and HIPAA

Implementations with external services & Testing

When implementing external services with clients (such as exposing an API to external clients), are there any HIPAA rules/regulations around testing the implementation in a non-prod environment before going live in production? Are there any concerns with PHI or security with testing an implementation (of say an API with an external client) directly in a production environment?

Voting

0 votes
0 up votes
0 down votes