SnowPro Advanced: Architect — Question 60

A healthcare company is deploying a Snowflake account that may include Personal Health Information (PHI). The company must ensure compliance with all relevant privacy standards.
Which best practice recommendations will meet data protection and compliance requirements? (Choose three.)

Answer options

• A. Use, at minimum, the Business Critical edition of Snowflake.
• B. Create Dynamic Data Masking policies and apply them to columns that contain PHI.
• C. Use the Internal Tokenization feature to obfuscate sensitive data.
• D. Use the External Tokenization feature to obfuscate sensitive data.
• E. Rewrite SQL queries to eliminate projections of PHI data based on current_role().
• F. Avoid sharing data with partner organizations.

Correct answer: A, B, D

Explanation

The correct answers are A, B, and D. The Business Critical edition provides advanced security features necessary for handling PHI. Dynamic Data Masking helps protect sensitive data in real-time, and the External Tokenization feature is specifically designed for obfuscating sensitive data before it leaves the Snowflake environment. Options C and E do not meet the compliance requirements as effectively, and F may not be practical in all business scenarios.