Risk Assessment Factors
Risk Assessment Factors
- Nature and extent of PHI
- Unauthorized person who accessed
- Whether PHI was viewed/acquired
- Mitigation measures taken
**Financial Services Compliance**:
- **PCI-DSS**: Forensic investigator requirements
- **SOX**: Evidence preservation for financial data
- **GLBA**: Safeguards and notification rules
- **NY DFS**: 72-hour notification requirement