Hi, asking for the opinion of elixir devs with experience in HIPAA compliancy.
As far as authentication goes. Is there a preference of token-based vs session-based authentication to ensure HIPAA compliancy? Would devs implementing authentication be predisposed to use one method over the other? Does HIPAA compliancy even prioritize one method over the other?