A major medical corporation is investigating deploying a web based portal for patients to access their medical
records. The medical corporation has a long history of maintaining IT security but is considering having a third
party vendor create the web portal. Which of the following areas is MOST important for the Chief Information
Security Officer to focus on when reviewing proposal from vendors interested in creating the web portal?
Contractor background check
Confidentiality and availability
Redundancy and privacy
Integrity and confidentiality