Confidentiality Flashcards
Confidentiality
Definition: - Refers to the protection of information from unauthorized access and disclosure.
- Ensure that private or sensitive information is not available or disclosed to unauthorized individuals, entities, or processes.
Confidentiality is important for 3 main reasons
To protect personal privacy
To maintain a business advantage
To achieve regulatory compliance
- PII (Personal Identifiable Information)
- PHI (Protected Health Information)
- Various types of financial data
Five Basic Methods to ensure Confidentiality
Encryption / Access Controls / Data Masking / Physical Security Measures / Training and Awareness
Exam tips
Confidentiality is to do with Data Protection
What is Encryption?
Process of converting data into a code to prevent unauthorized access.
What is Access Controls?
By setting up strong user permissions, you ensure that only authorized personnel can access certain types data.
What is Data Masking?
Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.
What is Physical Security Measures?
Ensure confidentiality for both physical types of data, such as paper records stored in a filing cabinet, and for digital information contained on servers and workstations.
Training and Awareness
Conduct regular training on the security awareness best practices that employees can use to protect their organization’s sensitive data