Which Of The Following Is Required By Hipaa Standards
27 community-sourced questions and answers. Free — no login.
The primary reason that healthcare organizations develop business continuity plans is to minimize the effects of which of the following?
computer downtime
HIPAA represents an attempt to establish best practices and standards for health information security.
this is a true statement
A risk analysis is useful to _________.
Identify security threats
Which of the following is true regarding HIPAA security provisions?
covered entities must appoint two chief security officers who can share security responsibilities for 24 hour coverage
Which of the following is a technique that can be used to determine what information access privileges an employee should have?
context-based
The HIPAA data integrity standard requires that organizations do which of the following?
keep documented logs of system access and access attempts
Which of the following is required by HIPAA standards?
a written contingency plan
Security controls built into a computer software program to protect information security and integrity are which of the following?
application controls
This type of control is designed to prevent damage cause by computer hackers.
network control
Policies and procedures that address the management of computer resources and security are which of the following?
Administrative controls
privacy
safeguarding system access
integrity
safeguarding data accuracy
availability
ensuring system access when needed
Which of the following terms means that data should be complete, accurate, and consistent?
data integrity
What is the biggest threat to the security of healthcare data?
Employees
What does the term access control mean?
Identifying which data employees should have a right to use
Which of the following is a software program that tracks every access to data in the computer system?
Audit trail
Which of the following is an organization's planned response to protect its information in the case of a natural disaster?
Business continuity plan
Though the HIPAA Security Rule does not specify audit frequency, how often should an organization's security policies and procedures be reviewed?
Once a year
Which of the following provide the objective and scope for the HIPAA Security Rule as a whole?
General rules
Which of the following is an example of a physical safeguard that should be provided for in a data security program?
Locking computer rooms
Which of the following best describes information security?
The mechanisms for safeguarding information and information systems
A public key is part of what security measure?
Digital certificates
Which of the following is an example of technical security?
Integrity
Policies were recently rewritten. How long does the facility need to retain the obsolete policies?
Six years
An audit identified that an employee accessed a patient whose name is the same as the employee. This is known as a/an _________.
Trigger
In two computer systems the same data element is different. This is what type of issue?
Data consistency
Looking for a different version?
CBTs get updated every year. Search for the exact version you're taking (e.g. "cyber awareness 2025").
Search all study materials