

SE Radio 639: Cody Ebberson on Regulated Industries
9 snips Oct 23, 2024
Cody Ebberson, Co-founder and CTO of Medplum and an experienced software engineer, dives into the challenges of software development in regulated industries like healthcare and finance. He discusses how to translate regulatory demands into actionable tests, emphasizing the importance of automation. The conversation covers navigating compliance while maintaining agility, risk management strategies, and the balancing act between security updates and operational stability. Cody also examines the role of automation in testing and the complexities surrounding logging in these sensitive environments.
AI Snips
Chapters
Transcript
Episode notes
Regulated Industries Defined
- Regulated industries like healthcare, finance, and security have extra requirements.
- These ensure legal, ethical compliance, and protect user rights, data, and safety.
Regulation Origins
- Regulations often come from government bodies (like HHS for healthcare, enacting HIPAA) or industry standards.
- Market forces also drive regulations, like SOC 2 for data security controls.
Regulations as Constraints
- Treat regulations as clear constraints to guide software development.
- Translate these constraints into unit and integration tests within your CI/CD pipeline.