I am looking into working with a client who wishes to create an application that would be used in a dental office. This application would of course contain patient and dental information. So what I am trying to find out about are software requirements needed to make sure my app would be HIPAA compliant. Since StrataFrame is designed by those who make medical software I figured this would be a great place to ask.



Would just utilizing the encryption methods within StrataFrame and encrypting the data in the backend be sufficient?

When an authorized end-user uses the app, would I need to have my own security system for logins in place? Or can the end-user utilize their Windows login name to ease the pain of maintaining users and roles separately within the application?



Thanks for any help on this.

-Matt