Healthcare Data Security & Privacy
LATEST FINAL EXAM REVIEW
Q&S
©2024/2025
1. Which of the following measures is focused primarily on
ensuring data integrity in a healthcare system?
- A) Data Encryption
- B) Access Control
- C) Digital Signatures
- D) Network Firewalls
Answer: C) Digital Signatures
Rationale: Digital signatures help verify the authenticity and
integrity of data, ensuring that it has not been altered in an
unauthorized manner.
2. What is the primary purpose of implementing Role-Based
Access Control (RBAC) in a hospital's electronic health record
(EHR) system?
- A) To enhance user interface
- B) To streamline data input
- C) To limit access to sensitive information
- D) To improve system speed
Answer: C) To limit access to sensitive information
Rationale: RBAC restricts system access to authorized users
based on their role, minimizing the risk of unauthorized access to
sensitive patient data.
3. Which federal regulation in the United States primarily
addresses the privacy and security of health information?
- A) HIPAA (Health Insurance Portability and Accountability
Act)
- B) SOX (Sarbanes-Oxley Act)
- C) FISMA (Federal Information Security Management Act)
- D) COPPA (Children’s Online Privacy Protection Act)
Answer: A) HIPAA
Rationale: HIPAA establishes national standards for the
protection of health information.
4. Which of the following best describes the "minimum necessary"
standard under HIPAA?
- A) Sharing the complete medical record for any request
- B) Providing the least amount of information necessary for a
specific purpose
- C) Allowing unrestricted internal access to patient information
- D) Full patient consent to share all health information