You have been tasked with protecting user’s medical records.
What type of information are you protecting?
Medical records are considered Personal Health Information (PHI) and must be protected from unauthorized disclosure.
Personally identifiable (PII) is any piece of information that can be used to uniquely a person, such as full name, account name, phone number, license number, date of birth, social security number, or any other personal attribute.
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is the act governs the handling of PHI.
The Payment Card Industry Data Security Standard (PCI DSS) protects credit card information, not medical records.
Objective: Security Concepts
Sub-Objective: Describe these terms: Threat actor, Run Book Automation (RBA), Chain of custody (evidentiary), reverse engineering, Sliding windows anomaly detection, PII, PHI