What kind of medical information are you storing? If you're storing/displaying anything with ePHI (electronic personal health info), you'll need to make sure that you're using a HIPAA-compliant service with an executed BAA (Business Associate Agreement) between your company and the hosting service. If you're doing it yourself and storing data on-prem, you'll need to make sure you have data encrypted at rest and in transit. You'll also need a lot of policies, procedures, and training on how internal users can access information and what users can see based on their roles. How you interact with the external client is a whole other ball of wax. Your tech stack shouldn't matter; if you're coding in Python already and your team knows it, Django is a great choice. Django is opinionated, so if that bothers you, you can choose Flask instead. Your database doesn't matter either; Postgres is good, or SQL Server, or whatever. It is more about how you implement and control access to sensitive information. I would recommend a HITECH/HIPAA expert such as a lawyer in this space to guide you.
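As an added illustration of the role-based access point above (this is editor-supplied example code, not code from the post's author), here is the shape of a "minimum necessary" check you would put behind a Django view or model manager: each role sees only the ePHI fields it needs, and every access attempt, allowed or denied, is written to an audit trail. The roles, field sets and patient record are constructed for the example.

```python
"""Role-based, field-level access to ePHI with an audit trail (added example)."""
from datetime import datetime, timezone

# Constructed sample record; no real patient data.
RECORD = {"patient_id": "P-0001", "name": "Jane Doe", "dob": "1980-01-01",
          "diagnosis": "hypertension", "insurance_id": "INS-12345"}

# Assumed roles. Minimum-necessary rule: each role sees only the fields it needs.
ROLE_FIELDS = {
    "clinician": {"patient_id", "name", "dob", "diagnosis"},
    "billing":   {"patient_id", "name", "insurance_id"},
    "reception": {"patient_id", "name"},
}

# In production this is an append-only store (DB table, SIEM), not a list in memory.
AUDIT_LOG: list = []


class AccessDenied(PermissionError):
    """Raised when a role has no entitlement to the record at all."""


def read_phi(user: str, role: str, record: dict, purpose: str) -> dict:
    """Return only the fields the caller's role may see; audit every attempt."""
    entry = {
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user, "role": role,
        "patient_id": record["patient_id"], "purpose": purpose,
    }
    allowed = ROLE_FIELDS.get(role)
    if allowed is None:
        AUDIT_LOG.append({**entry, "outcome": "denied"})
        raise AccessDenied(f"role {role!r} has no ePHI entitlement")
    # Filter at the data layer, so a template or serializer cannot leak extra fields.
    view = {k: v for k, v in record.items() if k in allowed}
    AUDIT_LOG.append({**entry, "outcome": "ok", "fields": sorted(view)})
    return view


if __name__ == "__main__":
    print(read_phi("alice", "billing", RECORD, "claim submission"))
    print(AUDIT_LOG[-1])
```

Denied attempts are logged before the exception is raised, so the trail records who tried to reach which patient even when nothing was returned.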