🔥 3-day streak
AWS Certified Solutions Architect - Professional74 / 186
Question 74 of 186

A healthcare SaaS company is building a new patient-records platform on AWS. Regulatory requirements mandate that Protected Health Information (PHI) fields such as Social Security Numbers must be encrypted, but the application must still be able to perform exact-match lookups on these values (for example, to find a patient by SSN) without decrypting the entire dataset. The team wants to minimize the exposure of raw PHI in the primary application database, which runs on Amazon Aurora PostgreSQL. Which design best meets these requirements?

Reviewed for accuracy · Report an issueNext question