A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements:
+All access must be correlated to a user account.
+All user accounts must be assigned to a single individual.
+User access to the PHI data must be recorded.
+Anomalies in PHI data access must be reported.
+Logs and records cannot be deleted or modified.
Which of the following should the administrator implement to meet the above requirements? (Select three.)
Eliminate shared accounts.
Create a standard naming convention for accounts.
Implement usage auditing and review.
Enable account lockout thresholds.
Copy logs in real time to a secured WORM drive.
Implement time-of-day restrictions.
Perform regular permission audits and reviews.