Consent manager flow, HPR/HFR provider hygiene, API authentication between HIS and ABDM sandbox/production
02
PACS/DICOM exposure
Imaging servers often leaked to the public internet — restrict to imaging VLAN only
03
HIS/EMR hardening
Default installs, exposed admin panels, shared logins for clinical staff
04
Patient data encryption
TDE at rest and TLS in transit for everything touching PHI
05
Medical device segmentation
Imaging modalities and biomed devices must not share VLANs with workstations
06
DPDP grievance officer
Required by law — most healthcare providers have not appointed one yet
Who this is for
Hospitals (single-specialty to multispecialty chains), diagnostic labs, telemedicine platforms, pharma companies, health-tech SaaS, and any organisation handling patient health records.