Chapter 13 Review Questions

¡Supera tus tareas y exámenes ahora con Quizwiz!

d. Internal threats

1. The greatest threats to organizational security stem from __________.

b. Internal to the organization

12. What is the most common type of security threat to a health information system?

d. Federal Trade Commission

13. With whom may patients may file a complaint if they suspect medical identity theft violations?

c. Fair and Accurate Credit Transactions Act

14. Which of the following requires financial institutions develop written medical identity theft programs?

d. Defer all issues related to medical identity theft to the in-house attorney

15. The role of the HIM professional in medical identity theft protection programs includes all of the following except __________.

c. User name and password and token

17. Which of the following is an example of two-factor authentication?

c. Facility policy

18. The predetermined time for an automatic log-off from the system is mandated by __________.

a. Audit trail.

19. The capture of data by a hospital's data security system that shows multiple invalid attempts to access the patients' database is an example of a(n) __________.

c. Context-based

2. The director of health information services is allowed access to the medical record tracking system when providing the proper log-in and password. Under which access security mechanism is the director allowed access to the system?

a. Cryptography

20. Which of the following defines the study of encryption and decryption techniques?

d. E-mail scrubbing

21. Common safeguards utilized to protect e-mail communication include all but which of the following?

a. Data back-up, data recovery and emergency mode of operations.

22. Key components to a contingency or disaster plan, mandated by the HIPAA Security Rule include __________.

a. User compliance with policy and procedures.

23. The most important protection against loss of data is __________.

d. Organizational policy

24. When determining the appropriate password composition, the HIIM professional should refer to which of the following?

d. Palm scanners

25. Which of the following is not an access control commonly utilized by covered entities for compliance with the HIPAA security rule?

a. Role-based

3. An individual designated as an inpatient coder may have access to an electronic medical record in order to code the record. Under which access security mechanism is the coder allowed access to the system?

c. Context-based

4. Under which access security mechanism would an individual be allowed access to ePHI if they have a proper log-in and password, belong to a specified group, and their workstation is located in a specific place within the facility?

a. Holding an individual employee accountable for actions b. Reconstructing electronic events c. Detecting a hacker d. Recognizing when a system is having problems --all of the above is the answer

An audit trail is a good tool for which of the following?

d. Restricting remote access to users

Elements to include in a security system risk analysis program include all but which of the following?

c. WEP

Of the following, which type of data encryption is primarily used in a wireless network environment?

b. Read predetermined criteria to determine if a user is who he or she claims

The purpose of entity authentication is to __________.

d. Password systems

Which is the most common method for implementing entity authentication?

c. System auto-assigns password

Which of the following is the best option for password management?

c. Firewalls are effective for preventing all types of attacks on a healthcare system.

Which of the following statements is false about a firewall?

c. Password and swipe card

Which of the following would be considered a two-factor authentication system?


Conjuntos de estudio relacionados

ACCT C101 Financial Accounting Chapter 10

View Set

Trigonometric Identities & Equations

View Set

ATI Fluid, Electrolyte, and Acid-Base Regulation

View Set

Business Finance Evaluation 4 Quiz Q&As

View Set