Learn the top recommendations for safeguarding Personal Health Information (PHI) in Snowflake, ensuring compliance with privacy standards through data masking, tokenization, and access controls.
Table of Contents
Question
A healthcare company is deploying a Snowflake account that may include Personal Health Information (PHI). The company must ensure compliance with all relevant privacy standards.
Which best practice recommendations will meet data protection and compliance requirements? (Choose three.)
A. Use, at minimum, the Business Critical edition of Snowflake.
B. Create Dynamic Data Masking policies and apply them to columns that contain PHI.
C. Use the Internal Tokenization feature to obfuscate sensitive data.
D. Use the External Tokenization feature to obfuscate sensitive data.
E. Rewrite SQL queries to eliminate projections of PHI data based on current_role().
F. Avoid sharing data with partner organizations.
Answer
A. Use, at minimum, the Business Critical edition of Snowflake.
B. Create Dynamic Data Masking policies and apply them to columns that contain PHI.
D. Use the External Tokenization feature to obfuscate sensitive data.
Explanation
A. Using the Business Critical edition or higher provides enhanced security features and controls essential for protecting sensitive PHI data.
B. Dynamic Data Masking policies can be applied to columns containing PHI, obfuscating sensitive information based on user roles and permissions, ensuring only authorized users can access unmasked data.
D. External Tokenization replaces sensitive PHI data with meaningless tokens, protecting the original values while preserving data format and utility for analytics. Tokenization occurs outside Snowflake, providing an additional layer of security.
C is incorrect because Internal Tokenization is not a Snowflake feature.
E is incorrect because rewriting queries based on current\_role() is not a reliable or scalable approach for protecting PHI across an organization.
F is incorrect because securely sharing data with partners is possible using Snowflake’s secure data sharing capabilities, without sacrificing compliance.
Snowflake SnowPro Advanced Architect certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Snowflake SnowPro Advanced Architect exam and earn Snowflake SnowPro Advanced Architect certification.