CompTIA Security+ (SY0-601) — Question 77

Two hospitals merged into a single organization. The privacy officer requested a review of all records to ensure encryption was used during record storage, in compliance with regulations. During the review, the officer discovered that medical diagnosis codes and patient names were left unsecured. Which of the following types of data does this combination BEST represent?

Answer options

• A. Personal health information
• B. Personally identifiable information
• C. Tokenized data
• D. Proprietary data

Correct answer: A

Explanation

The correct answer is A, as the combination of medical diagnosis codes and patient names constitutes Personal health information (PHI), which is specifically protected under privacy regulations. Options B, C, and D are incorrect because they refer to other types of data that do not specifically encompass the health-related context of the provided information.