I'm doing research on coding requirements for medical applications, but I can't find anything useful/structured. Basically, I'm looking for a structured (if possible, an XML file) document with a list of security requirements. For example, what kind of encryption they should use, what features of the app should be disabled by default, what log info should be stored and how to store it, etc.

Of course, requirements can be different for different apps and companies; I just need some general information and, if possible, for the US.

+5  A: 

HL7 is what you need.

Some links:

http://aurora.regenstrief.org/security/

http://www.hl7.org.au/docs/HL7-Sec.htm

CodeToGlory
+8  A: 

For the US, you can check out the HIPAA guide for web programmers.

RossFabricant
A: 

In addition, consider supporting the OWASP Top Ten.

jm04469