Question (W9)

It is critical to ensure all staff are trained and follow your information security policy to help implement technology and prevent human error.

· Suggest an antivirus software, firewall, resource monitoring, vulnerability tracking, password management software, and compliance software for the local hospital.

Question (W10)

Compliance with PCI DSS is a contractual obligation.

· Explain how this differs from a regulatory obligation.

· Which takes precedence—a regulatory requirement or a contractual obligation? Explain your answer.

· Who enforces PCI compliance? How is it enforced?