A healthcare software provider is designing a new patient management system. To ensure an integrated approach to security, which method should be applied to the project from the beginning?
Introducing security controls during the requirements phase, enforcing coding standards throughout the development process, and performing security testing before the system's release
Reviewing and updating agreements with third-party service providers to improve security incident response times
Encrypting the database to protect patient records without integrating additional security measures throughout the development process
Restricting access to the development environments by implementing role-based access control