A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur.

The administrator has been given the following requirements:

All access must be correlated to a user account.

All user accounts must be assigned to a single individual.

User access to the PHI data must be recorded.

Anomalies in PHI data access must be re

ported.

Logs and records cannot be deleted or modified.

Which of the following should the administrator implement to meet the above requirements? (Select three.)

A. Eliminate shared accounts.

B. Create a standard naming convention for accounts.

C. Implem

ent usage auditing and review.

D. Enable account lockout thresholds.

E. Copy logs in real time to a secured WORM drive.

F. Implement time-of-day restrictions.

G. Perform regular permission audits and reviews.