ExamGecko
Search Search Login
Home Home / ISC / HCISPP
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following statements is NOT correct?
If you see other staff violating privacy policies you should?
DRAG DROP During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant. What is the best approach for the CISO? Below are the common phases to creating a Business Continuity/Disaster Recovery (BC/DR) plan. Drag the remaining BC\DR phases to the appropriate corresponding location.
Substance abuse regulations do not allow disclosure with a subpoena unless a court has issued an order following a show cause hearing.
The criminal penalties for improperly disclosing patient health information can be as high as fines of $250,000 and prison sentences of up to 10 years.
The First Blue Cross plan was given to teachers at Baylor University allowing them 21 days of hospital care at six dollars a year.
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
You receive a call from staff at a local hospital stating that they need information regarding a former client of yours who is scheduled for surgery. They fax you a release of information form which only authorizes the release of medications but the person on the phone is asking for dates of treatment and diagnoses. How would you respond?
You always abide by the HIPAA privacy rule.

Question 1 - HCISPP discussion

Report
Export

During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.

What is the best approach for the CISO?

During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.

What is the best approach for the CISO?

A.
Document the system as high risk
Answers
A.
Document the system as high risk
B.
Perform a vulnerability assessment
Answers
B.
Perform a vulnerability assessment
C.
Perform a quantitative threat assessment
Answers
C.
Perform a quantitative threat assessment
D.
Notate the information and move on
Answers
D.
Notate the information and move on
Suggested answer: B
Show Answer
asked 18/09/2024
Rohit Kumar
40 questions
NextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms