HIM377
Cybersecurity & Data Privacy
LATEST FINAL EXAM REVIEW
Q&S
©2024/2025
,1. Multiple Choice: Which of the following is considered a best
practice for securing patient data?
A) Using strong, unique passwords for each system
B) Regularly updating software and hardware components
C) Implementing multi-factor authentication
D) All of the above
Correct Answer: D) All of the above
Rationale: Each option represents a critical aspect of
cybersecurity best practices. Strong passwords prevent
unauthorized access, updates patch security vulnerabilities, and
multi-factor authentication adds an extra layer of security.
2. Fill-in-the-Blank: The process of protecting sensitive information
from unauthorized access is known as ___________.
Correct Answer: Data Privacy
Rationale: Data privacy refers to the process and policies in place
to protect personal information from being accessed without
consent.
3. True/False: Encrypting patient data at rest is optional for
compliance with HIPAA.
Correct Answer: False
©2024/2025
, Rationale: Encryption of patient data at rest is not optional but a
necessary measure to ensure compliance with the Health Insurance
Portability and Accountability Act (HIPAA), which mandates the
protection of patient information.
4. Multiple Response: Select all the applicable laws and regulations
that govern data privacy in healthcare.
A) HIPAA
B) GDPR
C) HITECH Act
D) COPPA
Correct Answers: A) HIPAA, B) GDPR, C) HITECH Act
Rationale: HIPAA, GDPR, and the HITECH Act are all
regulations that directly impact data privacy in healthcare. COPPA,
while important, is primarily focused on the privacy of children
online.
5. Multiple Choice: An example of a physical safeguard for data
security is:
A) Firewalls
B) Locked rooms for server hardware
C) Antivirus software
D) Secure Wi-Fi networks
©2024/2025
Cybersecurity & Data Privacy
LATEST FINAL EXAM REVIEW
Q&S
©2024/2025
,1. Multiple Choice: Which of the following is considered a best
practice for securing patient data?
A) Using strong, unique passwords for each system
B) Regularly updating software and hardware components
C) Implementing multi-factor authentication
D) All of the above
Correct Answer: D) All of the above
Rationale: Each option represents a critical aspect of
cybersecurity best practices. Strong passwords prevent
unauthorized access, updates patch security vulnerabilities, and
multi-factor authentication adds an extra layer of security.
2. Fill-in-the-Blank: The process of protecting sensitive information
from unauthorized access is known as ___________.
Correct Answer: Data Privacy
Rationale: Data privacy refers to the process and policies in place
to protect personal information from being accessed without
consent.
3. True/False: Encrypting patient data at rest is optional for
compliance with HIPAA.
Correct Answer: False
©2024/2025
, Rationale: Encryption of patient data at rest is not optional but a
necessary measure to ensure compliance with the Health Insurance
Portability and Accountability Act (HIPAA), which mandates the
protection of patient information.
4. Multiple Response: Select all the applicable laws and regulations
that govern data privacy in healthcare.
A) HIPAA
B) GDPR
C) HITECH Act
D) COPPA
Correct Answers: A) HIPAA, B) GDPR, C) HITECH Act
Rationale: HIPAA, GDPR, and the HITECH Act are all
regulations that directly impact data privacy in healthcare. COPPA,
while important, is primarily focused on the privacy of children
online.
5. Multiple Choice: An example of a physical safeguard for data
security is:
A) Firewalls
B) Locked rooms for server hardware
C) Antivirus software
D) Secure Wi-Fi networks
©2024/2025
