LCHI 474 FINAL EXAM QUESTIONS WITH
CORRECT ANSWERS
\.Which of the following is a right of an individual to be left alone? - ANSWERS✔-
Privacy
\.Data Integrity controls reduce the risk of data _____ - ANSWERS✔-Alteration
\.When protected health information is shared between two nurses in a hospital,
the HIPAA Privacy Rule considers the sharing to be: - ANSWERS✔-Use
\.Breaches of protected health information by business associates: - ANSWERS✔-
Have to be reported to the covered entity who reports to HHS
\.If data are de-identified according to the requirements of the HIPAA Privacy
Rule: - ANSWERS✔-Breach reporting is not required for wrongful disclosure
\.When health data from a provider are integrated with health data compiled by a
patient in a personal health record, the integrity of the data can be assured
through: - ANSWERS✔-Data provenance
\.Which of the following represents one of the most common complaints levied
with the Office for Civil Rights? - ANSWERS✔-Right of access violation
, \.A security threat: - ANSWERS✔-Can exploit a vulnerability causing a breach
\.What is the situation in which a user or system denies having performed some
action on data? - ANSWERS✔-Repudiation
\.HIPAA refers to data backup, disaster recovery, and emergency mode operations
as: - ANSWERS✔-Contingency planning
\.Which form of authentication is the strongest? - ANSWERS✔-Biometric and
passwords
\.What mechanism enables use of a digital signature? - ANSWERS✔-Public Key
Infrastructure
\.Access controls should be established to conform to: - ANSWERS✔-Minimum
necessary requirements
\.Which statement about encryption is true? - ANSWERS✔-Poorly implemented
encryption can be worse than no encryption
\.Which of the following is a purpose of mobile device management? -
ANSWERS✔-Establish policies about use of personal devices
CORRECT ANSWERS
\.Which of the following is a right of an individual to be left alone? - ANSWERS✔-
Privacy
\.Data Integrity controls reduce the risk of data _____ - ANSWERS✔-Alteration
\.When protected health information is shared between two nurses in a hospital,
the HIPAA Privacy Rule considers the sharing to be: - ANSWERS✔-Use
\.Breaches of protected health information by business associates: - ANSWERS✔-
Have to be reported to the covered entity who reports to HHS
\.If data are de-identified according to the requirements of the HIPAA Privacy
Rule: - ANSWERS✔-Breach reporting is not required for wrongful disclosure
\.When health data from a provider are integrated with health data compiled by a
patient in a personal health record, the integrity of the data can be assured
through: - ANSWERS✔-Data provenance
\.Which of the following represents one of the most common complaints levied
with the Office for Civil Rights? - ANSWERS✔-Right of access violation
, \.A security threat: - ANSWERS✔-Can exploit a vulnerability causing a breach
\.What is the situation in which a user or system denies having performed some
action on data? - ANSWERS✔-Repudiation
\.HIPAA refers to data backup, disaster recovery, and emergency mode operations
as: - ANSWERS✔-Contingency planning
\.Which form of authentication is the strongest? - ANSWERS✔-Biometric and
passwords
\.What mechanism enables use of a digital signature? - ANSWERS✔-Public Key
Infrastructure
\.Access controls should be established to conform to: - ANSWERS✔-Minimum
necessary requirements
\.Which statement about encryption is true? - ANSWERS✔-Poorly implemented
encryption can be worse than no encryption
\.Which of the following is a purpose of mobile device management? -
ANSWERS✔-Establish policies about use of personal devices
