You are responsible for database security in a healthcare organization. A database administrator mistakenly granted read access to sensitive patient records to a non-privileged user. What action should you take to rectify this situation?

  • Conduct an audit to identify any other unauthorized accesses and revoke them.
  • Implement role-based access control to prevent such incidents in the future.
  • Inform the database administrator about the mistake and request them to rectify it.
  • Revoke the non-privileged user's read access immediately.

The correct action to rectify the situation is to revoke the non-privileged user's read access immediately. This ensures that unauthorized individuals cannot view sensitive patient records. Informing the database administrator and conducting an audit are necessary steps, but the immediate action should be to remove the unauthorized access. Implementing role-based access control is a preventive measure for the future but does not address the current issue directly.