CompTIA CySA+ (CS0-001) — Question 115

A medical organization recently started accepting payments over the phone. The manager is concerned about the impact of the storage of different types of data.
Which of the following types of data incurs the highest regulatory constraints?

Answer options

• A. PHI
• B. PCI
• C. PII
• D. IP

Correct answer: B

Explanation

The correct answer is B, PCI, because Payment Card Industry data is subject to strict regulations to protect cardholder information. While PHI (A) and PII (C) also have regulatory requirements, PCI compliance is particularly rigorous due to the financial implications and potential for identity theft. IP (D) does not have the same level of regulatory scrutiny as the other data types listed.