You are designing a Google Cloud environment for a healthcare provider that will store and process sensitive patient data. The solution must meet the following regulatory requirements:

Data must be stored only within designated geographic locations.

Specific administrative operations on patient data must require explicit approval from authorized compliance personnel.

All access to patient data must be logged for audit purposes.

What is the recommended approach to configure Google Cloud to fulfill these requirements?*

Exam-Like

Select a standard Google Cloud region. Restrict access to patient data based on user location and job function by using Access Context Manager. Enable both Cloud Audit Logging and Access Transparency.

Deploy an Assured Workloads environment in an approved region. Configure Access Approval for sensitive operations on patient data. Enable both Cloud Audit Logs and Access Transparency.

Deploy an Assured Workloads environment in multiple regions for redundancy. Utilize custom IAM roles with granular permissions. Isolate network-level data by using VPC Service Controls.

Select multiple standard Google Cloud regions for high availability. Implement Access Control Lists (ACLs) on individual storage objects containing patient data. Enable Cloud Audit Logs.

Google Professional Cloud Security Engineer

Get started today

Comments