01.v - Information Access Restriction

In HITRUST CSF version 11, object 01.v defines the requirement to limit access to sensitive information to authorized individuals only, ensuring that users are granted permissions based on need-to-know and role. It mandates controls for authentication, authorization and periodic review of access rights to protect data confidentiality.