Track, investigate and report inappropriate access and disclosure of protected health information

Establishes, with the information security officer, an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information. Monitor patterns of inappropriate access and/or disclosure of protected health information.

Data Loss Prevention (“DLP”) is a control, process or strategy that governs the protection of sensitive information in all its forms. The traditional scope of DLP strategies is to prevent the unauthorized disclosure of data in transit by providing visibility into access and transmission, but it also includes the controls in use for storage of information at rest. CPO ensures that a data-loss prevention strategy is in place that is designed to detect potential data breach transmissions.

Source :

https://www.nymity.com/data-privacy-resources/privacy-management-tools/~/media/NymityAura/Resources/Research/PMA_Scopes.pdf