Certified Ethical Hacker (CEH v12) — Question 44
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob’s boss is very worried because of regulations that protect those data.
Which of the following regulations is mostly violated?
Answer options
- A. PCI DSS
- B. PII
- C. ISO 2002
- D. HIPAA/PHI
Correct answer: D
Explanation
The correct answer is D, HIPAA/PHI, as it specifically governs the privacy and security of patients' medical records. Options A (PCI DSS) and B (PII) do not directly pertain to medical information, while C (ISO 2002) is not a relevant regulation for personal health information.