V6.1 — Data Classification
Data Classification: 3 L3 requirement(s). V6.1.1: Verify that regulated private data is stored encrypted while at rest, such as Personally Identifiable Information (PII),... V6.1.2: Verify that regulated health data is stored encrypted while at rest, such as medical records, medical device details, or... V6.1.3: Verify that regulated financial data is stored encrypted while at rest, such as financial accounts, defaults or credit h...
| Property | Value |
|---|---|
| Section | V6.1 |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-DATA-06 | PII Field Encryption for User Records |
| SID-CRYPTO-03 | AES-256-GCM Encrypted Keystore |
Source: OWASP Application Security Verification Standard 4.0.3