Ch 13
A nurse who works in quality improvement also works on the nursing unit on occasion. Identify the authentication method that would give her access based on her role at the time. Context-based Role-based Emergency access procedure User-based
Context-based
The CE has a policy that only authorized individuals will be allowed in the data center. This is known as _____. Audit trail Facility access control Risk analysis Security management plan
Facility access control
Unfortunately the facility had a hacker invade the EHR. What is the process that should be used to gather evidence? Spoliation Mitigation Security event Forensics
Forensics
The information system crashed. It is now working but data was lost. Identify the process that needs to be performed. Data integrity Data recovery Firewall Audit trail
Data recovery
Our CE cannot access the data in the EHR due a type of malware. The CE has been asked to pay $10,000 to get access back. This is known as _____. Phishing Ransomware Bot Virus
Ransomware
A letter was sent to patients telling them their PHI had been accessed by a hacker and that the healthcare facility would provide monitoring of their credit for one year. This is an example of what? Forensics method Audit control Mitigation Risk assessment
Mitigation
An employee received an email that he thought was from the information technology department. He provided personal information. He was tricked by _____. Phishing Ransomware Virus Bot
Phishing
The healthcare facility wants to do all it can to prevent downtime. Identify the concept that can help with this goal. Question options: Facility access control Emergency access procedures Redundancy Integrity
Redundancy
A user had trouble remembering his password so he decided to write it down. No one obtained access to it and used it, so this is a _____. Security incident Security event Audit control Information system activity review
Security event
Data required by a court case was deleted by the attending physician. The attorney for the opposing side has found out that the data has been deleted and has accused the CE of _____. A security breech Mitigation Spoliation Information access management
Spoliation
All of the below are examples of malware, with the exception of ________. Spyware Tailgating Rootkit Computer worm
Tailgating
The computer notified me that a user accessed the PHI of a patient who is a celebrity. This is an example of a(n) _____. Authentication Trigger Transmission security Integrity
Trigger
To access PHI, the user enters a user name and places their thumb in a reader. This is an example of what? Two-factor authentication Token Biometric One factor authentication
Two-factor authentication
Which of the following is an example of a security incident? Shared log-on Monitor left on and unattended however no one accessed the information Contract maintenance staff repairing computer without supervision by your staff Virus attack that destroyed files
Virus attack that destroyed files
Connection to ePHI via the Internet has benefits but it is also a(n) _____. Vulnerability Integrity issues Threat Security incident
Vulnerability
Which of the following is a strong password? Question options: 1234 jsmith rachel Xerh54=
Xerh54=
