A healthcare company is deploying a Snowflake account that may include Personal Health Information (PHI). The company must ensure compliance with all relevant privacy standards.
Which best practice recommendations will meet data protection and compliance requirements? (Choose three.)
To ensure compliance with privacy standards such as HIPAA for Personal Health Information (PHI), the healthcare company should adopt several key practices. First, using at minimum the Business Critical edition of Snowflake is essential because it provides enhanced data protection and compliance features required for handling sensitive data. Second, creating Dynamic Data Masking policies is crucial for protecting PHI by ensuring sensitive data is only visible to authorized users. Third, using the Internal Tokenization feature can effectively obfuscate sensitive information, adding an extra layer of security. These practices collectively help the company meet stringent data protection and compliance requirements.
A,B,D. You need External Tokenization and Dynamic data masking to meet the compliance and privacy requirements. While bot of those features are available within Enterprise Edition, Snowflakes documentation specifies to use Business critical where you have PHI and other privacy requirements. Business Critical Edition, offers even higher levels of data protection to support the needs of organizations with extremely sensitive data, particularly PHI data that must comply with HIPAA and HITRUST CSF regulations. It includes all the features and services of Enterprise Edition, with the addition of enhanced security and data protection. In addition, database failover/failback adds support for business continuity and disaster recovery. https://docs.snowflake.com/en/user-guide/intro-editions
Answer is A,B,D and is validated
changing to B, C, E
Answer B, C & F