Full AWS Practitioner Certification Question

A healthcare technology company is deploying a web application through Amazon CloudFront. The application collects sensitive patient data using HTTPS and stores it securely on backend systems. While HTTPS secures data in transit, the company requires an additional layer of protection to ensure that specific sensitive fields, such as identification numbers, remain encrypted end-to-end, even within the application stack. Furthermore, only authorized internal services should be able to access this sensitive data. What is the most appropriate solution the solutions architect should implement?