HIM Final Review-1302_Part 3
A hacker recently accessed our database. We are trying to determine how the hacker got through the firewall and exactly what was accessed. The process used to gather this evidence is called: A. forensics. B. mitigation. C. security event. D. incident.
A
Accessing PHR identifiable health information without approval is: A. breach of security. B. PHR identifiable health information. C. unsecured PHR identifiable health information. D. preemption.
A
An employee utilizes the patient's name and Social Security number to obtain a credit card. This is an example of: A. identity theft. B. de-identified information. C. limited data set. D. security incident.
A
An organization that is a covered entity, performs functions that are covered and noncovered by HIPAA, and specifies the portion of the organization that will be subject to HIPAA is called a(n): A. hybrid entity. B. affiliated covered entity. C. organized health care arrangement. D. business associate.
A
Choosing to be in the directory means which of the following? A. Friends and family can find out what room you are in B. Your condition can be released to any caller in specific terms C. Your condition can be released to the public D. No information can be released
A
Differentiate between authentication and authorization:. A. Authentication is confirming that you are able to log into the system; authorization is determining what you can do. B. Authentication is determining what you can do; authorization is confirming that you are able to log into the system. C. Authentication is confirming that you are able to log into the system; authorization is identifying what a user did in the system. D. Authentication is determining what you can do and authorization is identifying what a user did in the system.
A
Facility access controls, workstation use, workstation security, and device/media controls are all of part of : A. physical safeguards. B. technical safeguards. C. administrative safeguards. D. organizational requirements.
A
In conducting an environmental risk assessment, which of the following would be considered in the assessment? A. Placement of water pipes in the facility B. Verifying that virus checking software is in place C. Use of single sign-on technology D. Authentication
A
Margot looked up PHI on her ex-sister-in-law. A routine audit discovered the violation. Which statement is true under ARRA? A. Margot cannot be prosecuted since she is not a covered entity. B. Margot cannot be prosecuted since she is not a covered entity or business associate. C. Margot cannot be prosecuted since she did not sell the PHI. D. Margot can be prosecuted.
A
Mary processed a request for information and mailed it out last week. Today, the requestor, an attorney, called and said that all of the requested information was not provided. Mary pulls the documentation, including the authorization and what was sent. She believes that she sent everything that was required. She confirms this with her supervisor. The requestor still believes that some extra documentation is required. Given the above information, which of the following statements is true? A. Mary is not required to release the extra documentation because the facility has the right to interpret a request and apply the minimum standard rule. B. Mary is required to release the extra documentation because the requestor knows what is needed. C. Mary is required to release the extra documentation because, in the customer service program for the facility, the customer is always right. D. Mary is not required to release the additional information because her administrator agrees with her.
A
Ms. Thomas was a patient at your facility. She has been told that there are some records that she cannot have access to. These records are most likely: A. psychotherapy notes. B. alcohol and drug records. C. AIDS records. D. mental health assessment.
A
Nicole is developing an agreement that will be used between the hospital and the health care clearing house. This agreement will require the two parties to protect the privacy of data exchanged. This is called a: A. business associate agreement. B. business contract. C. trading partner agreement. D. none of the above.
A
Physical safeguards include: 1. Tools to monitor access 2. Tools to control access to computer systems 3. Fire protection 4. Tools preventing unauthorized access to data A. 1 and 2 only B. 1 and 3 only C. 2 and 3 only D. 2 and 4 only
A
Robert Burchfield was recently caught accessing his wife's medical record. The system automatically notified the staff of a potential breach due to the same last name for the user and the patient. This was an example of a: A. trigger. B. biometrics. C. telephone callback procedures. D. transmission security.
A
State law says that the hospital must keep a record of disclosures for 10 years. HIPAA says 6 years. What should the hospital do to comply with the conflicting laws? A. Keep it 10 years required by the state because it is stricter than HIPAA. B. Keep it 6 years because HIPAA is a federal law that preempts state laws. C. Keep it 10 years if you are a state hospital, 6 years if you are not a state hospital. D. Keep it 6 years if you are a federal hospital, 6 years if you are not a federal hospital.
A
The HIM director received an e-mail from the technology support services department about her email being full and asking for her password. The director contacted tech support and it was confirmed that their department did not send this e-mail. This is an example of what type of malware? A. Phishing. B. Spyware. C. Denial of service. D. Virus.
A
The administrator states that he should not have to participate in privacy and security training. How should you respond? A. "All employees are required to participate in the training, including top administration." B. "I will record that in my files." C. "Did you read the privacy rules?" D. "You are correct. There is no reason for you to participate in the training."
A
The facility had a security breach. The breach was identified on October 10, 2010. The investigation was completed on October 15, 2010. What is the deadline that the notification must be completed? A. 60 days from October 10 B. 60 days from October 15 C. 30 days from October 10 D. 30 days from October 15
A
The hospital has received a request for an amendment. How long does the facility have in order to accept or deny the request? A. 30 days B. 60 days C. 14 days D. 10 days
A
The purpose of the notice of privacy practices is to A. notify the patient of uses of PHI. B. notify patient of audits. C. report incidents to the OIG. D. notify researchers of allowable data use.
A
Which of the following should record destruction program include? A. The method of destruction B. Name of person responsible for destruction C. Cite of laws followed D. Requirement of daily destruction
A
Which of the following would be a business associate? A. Release of information company B. Bulk food service provider C. Childbirth class instructor D. Marketing consultant
A
You work for a 60-bed hospital in a rural community. You are conducting research on what you need to do to comply with HIPAA. You are afraid that you will have to implement all of the steps that your friend at a 900-bed teaching hospital is implementing at his facility. You continue reading and learn that you only have to implement what is prudent and reasonable for your facility. This is called: A. scalable. B. risk assessment. C. technology neutral. D. access control.
A
Which of the following disclosures would require patient authorization? A. law enforcement activities B. workers compensation C. release to patient's attorney D. public health activities
C
Encryption, access control, emergency access to records, and biometrics are examples of: A. transmission security. B. technical security. C. a security incident. D. telecommunications.
B
A patient authorizes Hospital A to send a copy of a discharge summary for the latest hospitalization to Hospital B. Hospital B uses the discharge summary in the patient's care and files it in the medical record. When Hospital B receives a request for records, a copy of Hospital A's discharge summary is sent. This is an example of: A. a privacy violation. B. redisclosure. C. satisfactory assurance. D. inappropriate release.
B
A data use agreement is required when A. a complaint has been filed. B. a limited data set is used. C. a notice of disclosure is requested. D. information is provided to a business associate.
B
A patient's medical record was breached. The written notification that goes out to the patient should contain only a message to call the hospital. A. True statement. This is too sensitive to address in a letter. B. False statement. The patient should receive a brief description of the breach, what the covered entity is doing about the breach, what the patient should do, and who to contact. C. False statement, as the patient should be told to contact the Office of the Inspector General. D. False statement, as the patient should be told what happened and that the facility is sorry and hopes the patient will not have any problems as a result of the breach.
B
As Chief Privacy Officer for Premier Medical Center, you are responsible for which of the following: A. backing up data B. developing a plan for reporting privacy complaints C. writing policies on protecting hardware D. writing policies on encryption standards
B
Cindy, Tiffany, and LaShaundra are all nurses at Sandyshore Health Care. They all have access to the same functions in the information system. It is likely that this facility is using: A. user-based access. B. role-based access. C. DAC. D. MAC.
B
Critique this statement: ARRA eliminates the state preemption rule: . A. This is a true statement. B. This is a false statement, as ARRA privacy and security rules are subject to the same state preemption as HIPAA. C. This is a false statement, as HIPAA is still subject to the state preemption rule but ARRA is not. D. This is a false statement, as ARRA is subject to the state preemption rule but HIPAA is not.
B
Mabel is a volunteer at a hospital. She works at the information desk. A visitor comes to the desk and says that he wants to know what room John Brown is in. What should Mabel do? A. Look the patient up and give the room number to the visitor. B. Look the patient up to see if John has agreed to be in the directory. If he has, then give the room number to the visitor. C. Look the patient up to see if the patient signed a notice of privacy practice. If so, then give the visitor the room number. D. Look the patient up in the system to determine if the patient has agreed to TPO usage and then give the room number to the visitor if he had.
B
Margaret has signed an authorization to release information regarding her ER visit for a fractured finger to her attorney. Specifically, she says to release the ER history and physical, x-rays, and any procedure notes for finger fracture. Which of the following violates her privacy? A. Release of face sheet used in ER as a history B. X-ray of chest C. X-ray of finger D. Documentation of suturing of finger
B
Miles has asked you to explain the rights that he has via HIPAA privacy standards. Which of the following is one of his HIPAA-given rights? A. He can review his bill. B. He can ask to be contacted at an alternative site. C. He can discuss financial arrangements with business office staff. D. He can ask a patient advocate to sit in on all appointments at the facility.
B
Ms. Hall has requested that Dr. Moore amend her medical record. He emphatically refused. What type of documentation is required, if any? A. No documentation is required B. Documentation of request and refusal C. Documentation of request D. None of the above
B
Patricia is processing a request for medical records. The record contains an operative note and a discharge summary from another hospital. The records are going to another physician for patient care. What should Patricia do? A. Notify the requestor that redisclosure is illegal and so he must get the operative and discharge summary records from the original source hospital. B. Include the documents from the other hospital. C. Redisclose when necessary for patient care. D. Redisclose when allowed by law.
B
Retail America has started a PHR. According to ARRA, the health information that they store is: A. not protected. B. protected. C. mandated to be de-identified. D. subject to security but not privacy requirements.
B
Richard has asked to view his medical record. The record is stored off-site. How long does the facility have to provide this record to him? A. 30 days B. 60 days C. 14 days D. 10 days
B
Surf Side Hospital has conducted extensive privacy training for their employees. They trust their employees because it is a small community. There have not been any breaches in the past. They feel that monitoring compliance through an audit trail is not necessary. In this circumstance, would it be reasonable to forgo keeping an audit trail? A. Yes, since it is a small community B. No C. Yes, if there is a hotline where violations can be reported D. Yes, if employees are well trained
B
The HIPAA technology rule does not require specific technologies to be used but rather provides direction on the outcome. The term used to describe this philosophy is: A. technology free. B. technology neutral. C. administrative rules. D. generic technology.
B
Today is August 30, 2010. When can the training records for the HIPAA privacy training being conducted today be destroyed? A. August 30, 2015 B. August 30, 2016 C. August 30, 2017 D. August 30, 2018
B
We have just identified that an employee looked up his own medical record. Which of the following actions should be taken? A. Notify his or her supervisor because this is a minor incident and therefore not subject to the incident response procedure. B. Follow the incident response procedure. C. Terminate the employee on the spot. D. Notify OCR.
B
Which of the following is a true statement regarding psychotherapy notes? A. Patients have open access to psychotherapy notes. B. Psychotherapy notes are never intended to be shared with anyone. C. Psychotherapy notes cannot be used in defending oneself in a court case. D. Psychotherapy notes are to be destroyed after one year because of their confidential nature.
B
Which of the following statements is true? A. Records retained by a business associate are not part of the designated record set. B. Records retained by a business associate are a part of the designated record set. C. Shadow records are those utilized by the business associate and are therefore part of the designated record set. D. Shadow records are those utilized by the business associate and are therefore not part of the designated record set.
B
Which of the following techniques would a facility employ for access control? 1. Automatic logoff 2. Passwords 3. Token 4. Unique user identification A. 1 and 4 B. 1 and 2 only C. 2 and 4 only D. all of the above
B
You are looking at your policies, procedures, training program, etc., and comparing them to the HIPAA regulations. You are conducting: A. policy assessment. B. risk assessment. C. compliance audit. D. none of the above.
B
You are walking around the facility to identify any privacy and security issues. You walk onto the 6W nursing unit and are able to watch the nurse entering confidential patient information. How can you best improve the privacy of the patient's health information? A. Ask the nurse to type the data at another computer. B. Turn the computer screen so that the public cannot see it. C. Give the nurse additional training. D. None of the above
B
You are walking around the facility to identify any privacy and security issues. You walk onto the 6W nursing unit and stand in a public area to look for possible violations. From where you are standing, you see that anyone can watch the nurse entering confidential patient information. You make a note of this. What are you doing? A. Conducting a gap analysis B. Conducting a risk assessment C. Monitoring audit trail D. None of the above
B
You are writing a policy for the release of information area. This policy will include the requirements for a valid authorization. Which of the following would not be included? A. Expiration B. Request for an accounting of disclosure C. Statement or right to revoke D. Description of information to be disclosed
B
You have been asked to provide examples of technical security measures. Which of the following would you add to your list of examples? A. Locked doors B. Automatic logout C. Minimum necessary D. Training
B
You have been given some information that includes the patient's account number. Which statement is true? A. This is de-identified information as the patient's name and social security is not included in the data. B. This is not de-identified information, as it is possible to identify the patient. C. This data is individually identified data. D. This data is a limited data set.
B
You have been given the responsibility of deciding which access control to use. Which of the following is one of your options? A. Audit trail B. Biometrics C. Authentication D. Mitigations
B
You have to decide which type of firewall that you want to use in your facility. Which of the following is one of your options? A. Packet filter B. Secure socket layer C. CCOW D. Denial of service
B
You work for an organization that publishes a health information management journal and provides clearinghouse services. What must you do? A. Have the same security plan for the entire organization. B. Separate the e-PHI from the noncovered entity portion of the organization. C. Train the journal staff on HIPAA security awareness. D. Follow the same rules in all parts of the organization.
B
Your facility just learned that some PHI was posted to the Internet in error. The PHI was online for 2 days before the problem was found. Unfortunately, there were people who visited the webpage during this time. Four hundred patients were impacted. Which of the following applies? A. The media must be notified. B. Patients must be notified. C. Health and Human Services must be notified within 60 days D. The media and Health and Human Services must be notified.
B
Your system just crashed. Fortunately, you have established a site that holds computer processors that can be converted to meet our needs quickly. This is a: A. hot site. B. cold site. C. redundant site D. backup site.
B
A copy of a medical record was sitting on a counter when a patient walked up to the counter and stood there until the receptionist realized the patient was there. The receptionist immediately removed the copy of the record. Which of the following statements is true? A. This is a breach even if the patient did not see the information contained in the record. B. This is a breach only if the patient looked at it. C. This is not a breach since the patient is unable to retain the information. D. This is a breach whether or not the patient saw the information.
C
A covered entity: A. is exempt from the HIPAA privacy and security rules. B. includes all healthcare providers. C. includes healthcare providers who perform specified actions electronically. D. must utilize business associates.
C
A data use agreement allows the organization receiving the data to: A. use the non-PHI data any way they want. B. use PHI data any way they want. C. use data only within the bounds of the agreement. D. conduct business for the organization.
C
As Chief Privacy Officer, you have been asked why you are conducting a risk assessment. Which reason would you give? A. Get rid of problem staff B. Change organizational culture C. Prevent breach of confidentiality D. None of the above
C
Contingency planning includes which of the following processes? A. Data quality B. Systems analysis C. Disaster planning D. Hiring practices
C
Critique this statement. ARRA eliminated the accounting of disclosure. A. True statement. B. False statement. ARRA eliminated the TPO exception. C. False statement. ARRA eliminated the TPO exception when the CE utilizes an EHR. D. False statement. ARRA did not address the accounting of disclosure.
C
HIPAA workforce security requires: A. a criminal background check. B. a two-factor authentication. C. that access to PHI be appropriate. D. the use of card keys.
C
Kyle, the HIM Director, has received a request to amend a patient's medical record. The appropriate action for him to take is: A. make the modification. B. file the request in the chart. C. route the request to the physician who wrote the note in question. D. return the notice to the patient.
C
Mark is an HIM employee who utilizes six different information systems as part of his job. Each of these has a different password. In order to keep up with the password for each system, Mark has written them all on paper and taped it to the back of his wife's picture on his desk. What technology could be used to eliminate this problem for Mark and other employees in the same situation? A. Role-based access B. User-based access C. SSO D. DAC
C
Mountain Hospital has discovered a security breech. Someone hacked into the system and viewed 50 medical records. According to ARRA, what is the responsibility of the covered entity? A. ARRA does not address this issue. B. All individuals must be notified within 30 days. C. All individuals must be notified within 60 days. D. ARRA requires oral notification.
C
Sarah is the director of HIM at a Brandon Community Hospital. This small hospital does not have an alcohol or drug abuse unit, nor does it treat patients of this type. Last night in the ER, a patient came in who was diagnosed with acute alcoholism and was transferred to another facility for treatment. Does this facility have to follow the regulations on the confidentiality of alcohol and drug abuse patients? A. Yes, if the patient was in withdrawal and any treatment was provided to him B. Yes, since they treated the patient C. No, since they do not have a program and there is no staff whose primary function is to treat these patients D. No, since they immediately transferred the patient from the emergency room
C
The surgeon comes out to speak to a patient's family. He tells them that the patient came through the surgery fine. The mass was benign and they could see the patient in an hour. He talks low so that the other people in the waiting room will not hear but someone walked by and heard. This is called a(n) : A. privacy breach. B. violation of policy. C. incidental disclosure. D. privacy incident.
C
What type of digital signature uses encryption? A. Digitized signature B. Electronic signature C. Digital signature D. Encryption is not a part of digital signatures
C
Which of the following is an example of a security incident? A. Temporary employees were not given individual passwords. B. An employee took home a laptop with unsecured PHI. C. A handheld device was left unattended on the crash cart in the hall for 10 minutes. D. A hacker accessed PHI from off site.
C
Which of the following situations violate a patient's privacy? A. The hospital sends patients who are scheduled for deliveries information on free childbirth classes. B. The physician on the quality improvement committee reviews medical records for potential quality problems. C. The hospital provides patient names and addresses to a pharmaceutical company to be used in a mass mailing of free drug samples. D. The hospital uses aggregate data to determine whether or not to add a new operating room suite.
C
Which of the following statements demonstrates a violation of protected health information? A. "Yes, Mr. Smith is in room 222. I will transfer your call." B. A member of the physician's office staff calls centralized scheduling and says, "Dr. Smith wants to perform a bunionectomy on Mary Jones next Tuesday." C. "Mary, at work yesterday I saw that Susan had a hysterectomy." D. Dr. Jones tells a nurse on the floor to give Ms. Brown Demerol for her pain.
C
Which of the following statements is true about a requested restriction? A. ARRA mandates that a CE must comply with a requested restriction. B. ARRA states that a CE does not have to agree to a requested restriction. C. ARRA mandates that a CE must comply with a requested restriction unless it meets one of the exceptions. D. ARRA does not address restrictions to PHI.
C
Which of the following statements is true about the Privacy Act of 1974? A. It applies to all organizations who maintain health care data in any form. B. It applies to all health care organizations. C. It applies to the federal government. D. It applies to federal government except for the Veterans Health Administration.
C
You are evaluating what makes up the designated record set for South Beach Healthcare Center. Which of the following would be included? A. Quality reports B. Psychotherapy notes C. Discharge summary D. Information compiled for use in civil hearing
C
You have been assigned the responsibility of performing an audit to confirm that all of the workforce's access is appropriate for their role in the organization. This process is called: A. risk assessment. B. information system activity review. C. workforce clearance procedure. D. information access management.
C
You will be choosing the type of encryption to be used for the new EHR. What are your choices? A. Symmetric and conventional B. Asymmetric and public key C. Symmetric and asymmetric D. Public key and integrity
C
Mark, a patient of Schnering Hospital, has asked for an electronic copy of his medical record to go to his physician. According to ARRA, what is the CE's obligation to Mark? A. None, as this is prohibited by HIPAA. B. None, as this is prohibited by ARRA. C. Mark has a right to an electronic copy, but it has to go to him, not a third party. D. Mark has a right to an electronic copy or to have it sent to someone else.
D
Protected health information includes: A. only electronic individually identifiable health information. B. only paper individually identifiable health information. C. individually identifiable health information in any format stored by a health care provider. D. individually identifiable health information in any format stored by a health care provider or business associate.
D
Alisa has trouble remembering her password. She is trying to come up with a solution that will help her remember. She reads the policies on passwords. Based on the policy, she chooses which of the following options? A. The word "password" for her password B. His daughter's name for her password C. To write the complex password on the last page of her calendar D. A combination of letters and numbers
D
Crystal has received a copy of some documents from her medical record. In the request, she had specifically requested the discharge summary, history and physical, operative report, pathology report, laboratory results, and x-ray reports. The records that she received only included the discharge summary and history and physical. The enclosed letter said that the other documents were not enclosed because of the minimum necessary rule. What should the director tell Crystal when she calls? A. The clerk was appropriate in what was sent. B. The operative report should have been included too. C. The operative report and pathology report should have been included. D. All of the requested information should have been sent because the patient is an exception to the minimum necessary rule.
D
Dr. Brown has just approved the patient's request to amend the medical record. Dr. Brown has routed the request with his approval to the HIM Department. What should the HIM Department do? A. File the request where the erroneous information is located. B. File the request where the erroneous information is located and send a copy of the amendment to anyone who has a copy of the erroneous information. C. File in the front of the chart. D. File the request where the erroneous information is located and send a copy of the amendment to anyone who has a copy of the erroneous information plus anyone the patient requests.
D
Intentional threats to security could include A. a natural disaster (flood). B. equipment failure (software failure). C. human error (data entry error). D. data theft (unauthorized downloading of files).
D
Rachel, a nurse, can write progress notes in the patient's electronic health record. Vera, a coder, can view the progress notes but is not authorized to write a progress note. What controls this? A. Authentication B. Two-factor authentications C. Biometrics D. Based access control
D
Reporting breaches under ARRA are required of: 1. Covered entities 2. Business associates 3. Non-HIPAA entities A. 1 only B. 1 and 2 only C. 2 and 3 only D. 1, 2, and 3
D
The computer system containing the electronic health record was located in a room that was flooded. As a result, the system is inoperable. Which of the following would be implemented? A. SWOT analysis B. Information systems strategic planning C. Request for proposal D. Business continuity processing
D
The following is a sentence from the notice of privacy practices. What problem do you identify? The party of the first part vows to mitigate breaches should a security incident occur. A. None, because that is the responsibility of a covered entity. B. None, because that is the responsibility of a business associate. C. It is not the responsibility of a covered entity. D. It is not written in plain English.
D
The term "de-identified" indicates: A. the patient's name has been removed. B. the patient's name and medical record number have been removed. C. the patient's name, medical record number, and social security number have been removed. D. all of the HIPAA specified patient identifiers have been removed.
D
Two of your staff members are debating how far to go back to comply with a request for an accounting of disclosure. What is your best response? A. HIPAA requires us to go back 6 years. B. HIPAA requires us to go back 3 years. C. ARRA requires us to go back 6 years. D. ARRA requires us to go back 3 years.
D
When addressing physical security, which of the following should be taken into consideration? A. Natural threats B. Human-made threats C. Damaging nearby activities D. All of the above
D
Which of the following documents is subject to the HIPAA security rule? A. Document faxed to the facility B. Copy of discharge summary C. Paper medical record D. Scanned operative report stored on CD
D
Which of the following is an example of an intentional activity? A. Hard drive failure. B. Data was deleted by accident. C. Data was lost due to an electrical failure. D. A patient's social security number is used to file for a credit card.
D
Which of the following is excluded from the definition of PHI? A. Identifiable patient information that is held by a covered entity B. Identifiable patient information that is held by a business associate C. Identifiable patient information that is stored electronically D. Employment records stored by a covered entity as an employer
D
Which of the following is subject to the HIPAA security rule? A. x-ray films stored in radiology B. paper medical record C. faxed records D. Clinical data repository
D
Which of the following set(s) is an appropriate use of the emergency access procedure? A. A patient is crashing. The attending physician is not in the hospital, so a physician who is available helps the patient. B. One of the nurses is at lunch. The nurse covering for her needs patient information. C. The coder who usually codes the emergency room charts is out sick and the charts are left on a desk in the ER admitting area. D. A and B.
D
With the ARRA changes to the accounting of disclosure rules, which of the following statements is true? A. All CE must account for all disclosures-not just nonroutine. B. Only organizations using a hybrid record must account for all disclosures. C. Only organizations still using the paper record must account for all disclosures to encourage the transition to the EHR. D. Only organizations with an EHR is required to account for all disclosures
D
You have been asked to explain the purpose of the new security awareness program. Your response is to: A. help staff realize the importance of security. B. remind users of procedures. C. lock down PHI. D. train staff on the security measures related to transmission security and physical security.
D
Your facility just learned that one of their business associates is out of compliance with your contract and with the privacy rule. What should your response be according to ARRA? A. Educate the business associate and conduct an audit in 30 days. B. Educate the business associate. Request that the problem be corrected by the business associate within 60 days C. Request that the problem be corrected by the business associate within 60 days D. Request that the business associate correct the problem or stop doing business with the organization.
D
Your organization is sending confidential patient information across the Internet using technology that will transform the original data into unintelligible code that can be recreated by authorized users. This technique is called: A. a firewall. B. validity processing. C. a call-back process. D. data encryption.
D
Your transcription system is set up to back up your hard drive every 5 minutes. The backup is on the hard drive of another computer. This computer is located in the room next door to the primary computer. What should be done to improve the backup process? A. Place the backup on an optical disk. B. Back up on a daily basis. C. Back up on a diskette. D. Move backup computer to an office 100 miles away.
D