ExamGecko
Search Search Login
Home Home / ISC / HCISPP

ISC HCISPP Practice Test - Questions Answers, Page 4

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following statements is NOT correct?
If you see other staff violating privacy policies you should?
The First Blue Cross plan was given to teachers at Baylor University allowing them 21 days of hospital care at six dollars a year.
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
DRAG DROP During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant. What is the best approach for the CISO? Below are the common phases to creating a Business Continuity/Disaster Recovery (BC/DR) plan. Drag the remaining BC\DR phases to the appropriate corresponding location.
Substance abuse regulations do not allow disclosure with a subpoena unless a court has issued an order following a show cause hearing.
You receive a call from staff at a local hospital stating that they need information regarding a former client of yours who is scheduled for surgery. They fax you a release of information form which only authorizes the release of medications but the person on the phone is asking for dates of treatment and diagnoses. How would you respond?
The criminal penalties for improperly disclosing patient health information can be as high as fines of $250,000 and prison sentences of up to 10 years.
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?
You always abide by the HIPAA privacy rule.

Question 31

Report
Export
Collapse

HIPPA does not call for:

A.
Standardization of electronic patient health, administrative and financial data
A.
Standardization of electronic patient health, administrative and financial data
Answers
B.
Unique health identifiers for individuals, employers, health plans, and health care providers.
B.
Unique health identifiers for individuals, employers, health plans, and health care providers.
Answers
C.
Common health identifiers for individuals, employers, health plans and health care providers.
C.
Common health identifiers for individuals, employers, health plans and health care providers.
Answers
D.
Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.
D.
Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.
Answers
Suggested answer: C

Question 32

Report
Export
Collapse

A gap analysis for the Transactions set refer to the practice of identifying the data content you currently have available

A.
through your medical software
A.
through your medical software
Answers
B.
through your accounting software
B.
through your accounting software
Answers
C.
through competing unit medical software
C.
through competing unit medical software
Answers
D.
based on the statutory authorities report
D.
based on the statutory authorities report
Answers
Suggested answer: A

Question 33

Report
Export
Collapse

A gap analysis for the Transactions set does not refer to

A.
the practice of identifying the data content you currently have available through your medical software
A.
the practice of identifying the data content you currently have available through your medical software
Answers
B.
the practice of and comparing that content to what is required by HIPPA, and ensuring there is a match.
B.
the practice of and comparing that content to what is required by HIPPA, and ensuring there is a match.
Answers
C.
and requires that you study the specific format of a regulated transaction to ensure that the order of the information when sent electronically matches the order that is mandated in the Implementation Guides.
C.
and requires that you study the specific format of a regulated transaction to ensure that the order of the information when sent electronically matches the order that is mandated in the Implementation Guides.
Answers
D.
but does not require that you study the specific format of a regulated transaction to ensure that the order of information when sent electronically matches the order that is mandated in the Implementation Guides.
D.
but does not require that you study the specific format of a regulated transaction to ensure that the order of information when sent electronically matches the order that is mandated in the Implementation Guides.
Answers
Suggested answer: D

Question 34

Report
Export
Collapse

Health Information Rights although your health record is the physical property of the healthcare practitioner or facility that compiled it, the information belongs to you. You do not have the right to:

A.
obtain a paper copy of the notice of information practices upon request inspect and obtain a copy of your health record as provided for in 45 CFR 164.524
A.
obtain a paper copy of the notice of information practices upon request inspect and obtain a copy of your health record as provided for in 45 CFR 164.524
Answers
B.
request a restriction on certain uses and disclosures of your information outside the terms as provided by 45 CFR 164.522
B.
request a restriction on certain uses and disclosures of your information outside the terms as provided by 45 CFR 164.522
Answers
C.
amend your health record as provided in 45 CFR 164.528 obtain an accounting of disclosures of your health information as provided in 45 CFR 164.528
C.
amend your health record as provided in 45 CFR 164.528 obtain an accounting of disclosures of your health information as provided in 45 CFR 164.528
Answers
D.
revoke your authorization to use or disclose health information except to the extent that action has already been taken
D.
revoke your authorization to use or disclose health information except to the extent that action has already been taken
Answers
Suggested answer: B

Question 35

Report
Export
Collapse

Employers often advocate on behalf of their employees in benefit disputes and appeals, answer Question:s with regard to the health plan, and generally help them navigate their health benefits. Is individual consent required?

A.
No
A.
No
Answers
B.
Sometimes
B.
Sometimes
Answers
C.
Yes
C.
Yes
Answers
D.
The answer is indeterminate
D.
The answer is indeterminate
Answers
Suggested answer: C

Question 36

Report
Export
Collapse

Who enforces HIPPA?

A.
The Office of Civil Rights of the Department of Confidentiality Services is responsible for enforcement of these rules
A.
The Office of Civil Rights of the Department of Confidentiality Services is responsible for enforcement of these rules
Answers
B.
The Office of Civil Rights of the Department of Health and Human Services is responsible for enforcement of these rules
B.
The Office of Civil Rights of the Department of Health and Human Services is responsible for enforcement of these rules
Answers
C.
The Office of Health Workers Rights of the Department of Health and Human Services in responsible for enforcement of these rules
C.
The Office of Health Workers Rights of the Department of Health and Human Services in responsible for enforcement of these rules
Answers
D.
The Department of Civil Rights of the Office of Health and Human Services is responsible for enforcement of these rules
D.
The Department of Civil Rights of the Office of Health and Human Services is responsible for enforcement of these rules
Answers
Suggested answer: B

Question 37

Report
Export
Collapse

Gap analysis does not apply to

A.
Transactions
A.
Transactions
Answers
B.
availability
B.
availability
Answers
C.
Privacy
C.
Privacy
Answers
D.
Security
D.
Security
Answers
Suggested answer: B

Question 38

Report
Export
Collapse

Which one of the following is NOT a fundamental component of a Regulatory Security Policy?

A.
What is to be done.
A.
What is to be done.
Answers
B.
When it is to be done.
B.
When it is to be done.
Answers
C.
Who is to do it.
C.
Who is to do it.
Answers
D.
Why is it to be done
D.
Why is it to be done
Answers
Suggested answer: C

Explanation:

Regulatory Security policies are mandated to the organization but it up to them to implement it.

"Regulatory - This policy is written to ensure that the organization is following standards set by a specific industry and is regulated by law. The policy type is detailed in nature and specific to a type of industry. This is used in financial institutions, health care facilities, and public utilities."

Explanation:

Question 39

Report
Export
Collapse

According to private sector data classification levels, how would salary levels and medical information be classified?

A.
Public
A.
Public
Answers
B.
Sensitive
B.
Sensitive
Answers
C.
Private
C.
Private
Answers
D.
Confidential
D.
Confidential
Answers
Suggested answer: C

Question 40

Report
Export
Collapse

Which of the following embodies all the detailed actions that personnel are required to follow?

A.
Standards
A.
Standards
Answers
B.
Guidelines
B.
Guidelines
Answers
C.
Procedures
C.
Procedures
Answers
D.
Baselines
D.
Baselines
Answers
Suggested answer: C

Explanation:

As stated in the dictionary, here are 3 definitions of procedure:

1. A manner of proceeding; a way of performing or effecting something: standard procedure.

2. A series od steps taken to accomplish an end: a medical procedure; evacuation procedures.

3. A set of established forms or methods for conducting the affairs of an organized body such as a business, club, or government.

Explanation:

Total 305 questions
Go to page: of 31
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms