Chapter 12
The security rule applies to all PHI.
False
User name and password is an example of a two-factor authentication.
False
Critique this statement: A security incident must have been successful in order to meet the definition.
False statement as a security incident is a successful or unsuccessful attempt.
Types of security threats are: human error, intentional activity and natural disasters.
True
Which of the following is an example of a security incident?
Virus attack that destroyed files
Which of the following is a strong password?
Xerh54=
Which of the following damages a computer and/or the data?
malware
A letter was sent to patients telling them their PHI had been accessed by a hacker and that the healthcare facility would provide monitoring of their credit for one year. This is an example of what?
mitigation
Which of the following is an example of a technical safeguard?
person or entity authentication
The Chief Security Officer is responsible for:
advising administration on information security
The manager reviews a tool that identifies when an user logs in and out, what they do, and more. What is being reviewed?
audit trail
Which of the following is an example of data security?
automatic logoff after inactivity
Which of the following is an example of a business associate?
contract coder
Data have been lost in our EHR. To correct this problem, the facility needs to take what step?
data recovery
During a risk analysis, the facility documents potential threats to:
data security
Symmetric and asymmetric are examples of what?
encryption
The workforce clearance procedure:
ensures that the access to ePHI is appropriate
Which of the following is a type of network security?
firewall
Unfortunately the facility had a hacker invade the EHR. What is the process that should be used to gather evidence?
forensics
What is the term that is used to mean ensuring that data are not altered during transmission across a network or during storage?
integrity
The duplication of data, hardware, and other components is called:
redundancy
A user had trouble remembering his password so he decided to write it down. No one obtained access to it and used it so this is a:
security event
The computer notified me that a user accessed the PHI of a patient with the same last name. This is the example of a(n):
trigger
To access PHI, the user enters a user name and places their thumb in a reader. This is an example of what?
two-factor authentication