During the planning phase of a hospital's project to deploy a cloud-hosted relational database that will store patient billing details along with employee HR records, the project manager must identify the single highest-priority action to assure data compliance and security for all stakeholders throughout the project. Which activity should be prioritized?
Conduct a data classification and privacy impact assessment, then implement required access controls and encryption
Verify that the selected database driver version is fully compatible with existing applications
Tune indexing strategies and storage parameters to improve query performance
Schedule training workshops for end users and support staff
A data classification and privacy impact assessment lets the team map where sensitive information such as PII and PHI will reside and apply the required safeguards-role-based access, encryption, and auditing-mandated by regulations. Without this foundational compliance step, later tasks like performance tuning, training, or integration cannot guarantee the project meets legal and security obligations.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are PII and PHI, and why are they important in database compliance?
Open an interactive chat with Bash
What are data classification and privacy regulations, and how do they influence database design?
Open an interactive chat with Bash
What encryption methods can be used to secure sensitive data in a database?