KT-DP Sensitive data exposure

A researcher finds patient MRNs in a public analytics dashboard screenshot on LinkedIn. FIRST step?

Multiple choice — select one answer

Answer choices

  1. a. Ignore because social media posts are outside the organization's control boundary, without security or identity team coordination per policy.
  2. b. Ask the researcher to delete their post before IT investigates the dashboard
  3. c. Change dashboard colors so MRNs are harder to read in future screenshots
  4. d. Take the dashboard offline, preserve access logs, and start incident/breach assessment

Architectural breakdown & explanation

Confirmed PHI exposure requires immediate containment and regulated breach evaluation.

Correct answer(s): d. Take the dashboard offline, preserve access logs, and start incident/breach assessment

Exam domain: Sensitive data exposure (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Data Protection bank. Run a full timed practice exam with domain-weighted random questions in your browser.