Topics

Explore all topics

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

Professors

Overall Quality
-/5
c c
Overall Quality
-/5
Billt Camp
Overall Quality
-/5
mathio g
Explore all Professors
Add Browser Extension
Start Free Trial
Need Help? Contact us
title
Textbook Solutions
Step-by-step solutions verified by experts
title
24/7 Homework Help
Complete assignments with the help of our community
title
Flashcards
Stimulate your visual memory & walk into test day with confidence
title
DocuAssist
Upload your study materials and we’ll help fill in the answers.
title
Campus Reps
Become a Campus Rep and earn up to 20% commission, plus weekly and monthly cash prizes.
title
My Courses
Add the courses you're enrolled in for tailored study material to meet your requirements
Explore all services
Add Browser Extension
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
العربية
search
ai logoChat with AI
Servicesarrow
Textbook Solutions icon
Textbook Solutions
24/7 Homework Help icon
24/7 Homework Help
Flashcards icon
Flashcards
DocuAssist icon
DocuAssist
Campus Reps icon
Campus Reps
My Courses icon
My Courses
Mobile App icon
Mobile App
Explore All Services
Discoverarrow

Topics

Explore All Services

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

professors

/5
c c
/5
Billt Camp
/5
mathio g
Explore all Professors
Explore all topics
Discover more topics
HomeSchoolingAsk a question

Deck 12: Information Security and Confidentiality

Full screen (f)
exit full mode
Question
Which of the following best depicts the impact that Internet technology has on the security of health related information?

A)Health information on the Internet requires the same types of safeguards provided for information found in private offices and information systems.
B)Health information on the Internet does not require the same types of safeguards provided for information found in private offices and information systems.
C)Health information on the Internet requires more types of safeguards than what are provided for information found in private offices and information systems.
D)Health information on the Internet requires fewer safeguards than what are provided for information found in private offices and information systems.
Use Space or
up arrow
down arrow
to flip the card.
Question
Which of these is accurate about the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the use of technology?

A)Does not specify the use of particular technology
B)Refers to the Joint Commission standards for technology
C)Specifies the utilization of HIPAA approved technology
D)Provides a monthly Web-based list of approved technology
Question
E-mail is an efficient means of disseminating information quickly and inexpensively. However, HIPAA regulations affect e-mail use and routing infrastructures. When may potentially sensitive information be sent via e-mail?

A)Client's consent was obtained to send information via e-mail
B)Recipient is known to the sender
C)E-mail is sent encrypted.
D)Organization's e-mail system has appropriate firewalls
Question
The security of any information system is part of the strategic planning process. Information system security is planned for with the intention of achieving which of the following goals?

A)Patient confidentiality protection
B)Information integrity protection
C)Timely availability protection
D)Cybercrime prevention
E)HIT compliance
Question
During the course of client care, the 21-year-old client tells the nurse that she had an abortion last year but that no one in her family knows. Which of these terms best describes the situation?

A)Consent
B)Privacy
C)Security
D)Confidentiality
Question
Which of the following is the protection of information against threats to its integrity, inadvertent disclosure, or availability?

A)Information security
B)Survivability
C)Confidentiality
D)Privacy
Question
Which of the following is a state of mind, a specific place, freedom from intrusion, or control over the exposure of self or of personal information?

A)Privacy
B)Confidentiality
C)Security
D)HIPAA
Question
Which of the following is not a clue that spyware has infected a computer?

A)Ability to SKYPE
B)Appearance of pop-ups
C)Random error messages
D)Poor system performance
Question
______________________________ is the process of determining whether someone is who he or she professes to be. This usually involves a username and a password, but can include other methods of proving identity, such as a smart card, retina scan, voice recognition, or fingerprints.
Question
____________________ is one of the greatest threats that may come from inside sources, namely employees, contractors, consultants, outsourced services, and vendors who view information inappropriately, disrupt information availability, or corrupt data integrity.
Question
Survivability is the capability of a system as a whole to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. United States Hospitals (USH) is a large national hospital corporation with processing centralized at their headquarters. USH is reviewing their information security plan. Part of their mission is to provide emergency services to each regional area during catastrophic events. Which of the following indicate that survivability has been specifically considered in the plan?

A)One hospital in each regional area has multiple sources of communication with USH central processing.
B)Emergency power generators for all associate hospitals are tested and serviced each week
C)Each night the system at USH central processing is backed up and stored in a remote location.
D)One hospital in each regional area has an emergency protocol in place for communicating directly with the Department of Homeland Security.
E)One hospital in each regional area is especially prepared to maintain information system functionality for the emergency, operating room, lab, and pharmacy units.
Question
An overlay occurs when one individual is assigned in the master patient index to another individual's health record. A health care facility has discovered that an overlay has occurred resulting in invalid data being stored in key identifying fields. Which of the following information security areas does this breach affect?

A)Survivability
B)Integrity
C)Availability
D)Inadvertent disclosure
Question
Why do most breaches of confidentiality occur?

A)Malicious behavior
B)System hacking
C)Intent
D)Carelessness
Question
A certified nursing assistant (CNA) at a local nursing home logs on to the facility's clinical information system. The CNA can only see information about the clients that were assigned by the registered nurse for that day. The CNA cannot see financial data regarding any of the assigned clients. This situation is an example of which of the following?

A)Password protection
B)Computer forensics
C)Access levels
D)User authentication
Question
A nurse practitioner (NP) approaches a computer terminal at the local health care facility. In order to gain access to client information, the NP must first slide a smartcard through a card reader and then place a finger on a scanner. Which authentication measures were used to verify the NP's authorization to access client data?

A)Appearance of the user's name on a screen
B)Biometric authentication
C)Picture authentication package
D)Proximity radio authentication
E)Encrypted pass key authentication
Question
Software that tracks system access by users, creates a(n) ____ that can reveal unusual activity or inappropriate use of information.
Question
During an attempted carjacking, the female victim slams a car door on the male assailant's hand, possibly causing serious injuries. The assailant runs away. Local police contact the emergency department of a local hospital to determine if anyone matching the assailant's description has been treated for a hand injury. The hospital reveals that they currently have such a patient. The police ask the nurse manager to reveal the identity of the patient. It is noted that no court order has been issued. The nurse manager asks the patient to sign a consent form that allows the hospital to reveal his name and does mention the police. If the patient signs the consent form, what would it be considered?

A)Informed consent
B)Consent
C)HIPAA violation
D)Breech of privacy
Question
Which of the following is true about effective security?

A)Assessment of security resources enables organizational personnel to devise methods to protect information systems data.
B)Assessment of security resources provides super users with in depth access knowledge.
C)Assessment of security resources enables organizational personnel to alter the flow of information.
D)Assessment of security resources enables organizational personnel to define terms in the data dictionary.
Question
Which of the following measures are recommended for enhancing information security?

A)File deletion software is used to overwrite hard disk files, using meaningless information.
B)Storage media that has been erased is disposed of in the dumpster.
C)Individuals routinely witness and record the destruction of records.
D)Papers such as prescriptions, laboratory specimen labels, and identification bracelets are disposed of in the dumpster.
E)Each page of output is assigned a serial number and the numbers are recorded when documents are destroyed.
Question
Passwords are a common means to authenticate access to automated records. Which of the following are recommendations for password selection and use?

A)Using software to test and eliminate easily compromised passwords
B)Using the browser "password save" feature
C)Deleting and replacing all system user passwords when an employee is terminated
D)Storing passwords in a file on the computer
E)Using the same password for access to all sites or systems
Question
The Health Insurance Portability and Accountability Act (HIPAA) requires organizations to determine threats and appropriate protective measures for information, not only in electronic formats, but in all formats. Which of the following measures cannot be incorporated by organizations to secure all data?

A)Creation of authentication policies
B)Specific software
C)Spyware
D)Firewall
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/21
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 12: Information Security and Confidentiality
1
Which of the following best depicts the impact that Internet technology has on the security of health related information?

A)Health information on the Internet requires the same types of safeguards provided for information found in private offices and information systems.
B)Health information on the Internet does not require the same types of safeguards provided for information found in private offices and information systems.
C)Health information on the Internet requires more types of safeguards than what are provided for information found in private offices and information systems.
D)Health information on the Internet requires fewer safeguards than what are provided for information found in private offices and information systems.
Health information on the Internet requires the same types of safeguards provided for information found in private offices and information systems.
2
Which of these is accurate about the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the use of technology?

A)Does not specify the use of particular technology
B)Refers to the Joint Commission standards for technology
C)Specifies the utilization of HIPAA approved technology
D)Provides a monthly Web-based list of approved technology
Does not specify the use of particular technology
3
E-mail is an efficient means of disseminating information quickly and inexpensively. However, HIPAA regulations affect e-mail use and routing infrastructures. When may potentially sensitive information be sent via e-mail?

A)Client's consent was obtained to send information via e-mail
B)Recipient is known to the sender
C)E-mail is sent encrypted.
D)Organization's e-mail system has appropriate firewalls
E-mail is sent encrypted.
4
The security of any information system is part of the strategic planning process. Information system security is planned for with the intention of achieving which of the following goals?

A)Patient confidentiality protection
B)Information integrity protection
C)Timely availability protection
D)Cybercrime prevention
E)HIT compliance
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
5
During the course of client care, the 21-year-old client tells the nurse that she had an abortion last year but that no one in her family knows. Which of these terms best describes the situation?

A)Consent
B)Privacy
C)Security
D)Confidentiality
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
6
Which of the following is the protection of information against threats to its integrity, inadvertent disclosure, or availability?

A)Information security
B)Survivability
C)Confidentiality
D)Privacy
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
7
Which of the following is a state of mind, a specific place, freedom from intrusion, or control over the exposure of self or of personal information?

A)Privacy
B)Confidentiality
C)Security
D)HIPAA
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
8
Which of the following is not a clue that spyware has infected a computer?

A)Ability to SKYPE
B)Appearance of pop-ups
C)Random error messages
D)Poor system performance
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
9
______________________________ is the process of determining whether someone is who he or she professes to be. This usually involves a username and a password, but can include other methods of proving identity, such as a smart card, retina scan, voice recognition, or fingerprints.
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
10
____________________ is one of the greatest threats that may come from inside sources, namely employees, contractors, consultants, outsourced services, and vendors who view information inappropriately, disrupt information availability, or corrupt data integrity.
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
11
Survivability is the capability of a system as a whole to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. United States Hospitals (USH) is a large national hospital corporation with processing centralized at their headquarters. USH is reviewing their information security plan. Part of their mission is to provide emergency services to each regional area during catastrophic events. Which of the following indicate that survivability has been specifically considered in the plan?

A)One hospital in each regional area has multiple sources of communication with USH central processing.
B)Emergency power generators for all associate hospitals are tested and serviced each week
C)Each night the system at USH central processing is backed up and stored in a remote location.
D)One hospital in each regional area has an emergency protocol in place for communicating directly with the Department of Homeland Security.
E)One hospital in each regional area is especially prepared to maintain information system functionality for the emergency, operating room, lab, and pharmacy units.
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
12
An overlay occurs when one individual is assigned in the master patient index to another individual's health record. A health care facility has discovered that an overlay has occurred resulting in invalid data being stored in key identifying fields. Which of the following information security areas does this breach affect?

A)Survivability
B)Integrity
C)Availability
D)Inadvertent disclosure
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
13
Why do most breaches of confidentiality occur?

A)Malicious behavior
B)System hacking
C)Intent
D)Carelessness
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
14
A certified nursing assistant (CNA) at a local nursing home logs on to the facility's clinical information system. The CNA can only see information about the clients that were assigned by the registered nurse for that day. The CNA cannot see financial data regarding any of the assigned clients. This situation is an example of which of the following?

A)Password protection
B)Computer forensics
C)Access levels
D)User authentication
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
15
A nurse practitioner (NP) approaches a computer terminal at the local health care facility. In order to gain access to client information, the NP must first slide a smartcard through a card reader and then place a finger on a scanner. Which authentication measures were used to verify the NP's authorization to access client data?

A)Appearance of the user's name on a screen
B)Biometric authentication
C)Picture authentication package
D)Proximity radio authentication
E)Encrypted pass key authentication
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
16
Software that tracks system access by users, creates a(n) ____ that can reveal unusual activity or inappropriate use of information.
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
17
During an attempted carjacking, the female victim slams a car door on the male assailant's hand, possibly causing serious injuries. The assailant runs away. Local police contact the emergency department of a local hospital to determine if anyone matching the assailant's description has been treated for a hand injury. The hospital reveals that they currently have such a patient. The police ask the nurse manager to reveal the identity of the patient. It is noted that no court order has been issued. The nurse manager asks the patient to sign a consent form that allows the hospital to reveal his name and does mention the police. If the patient signs the consent form, what would it be considered?

A)Informed consent
B)Consent
C)HIPAA violation
D)Breech of privacy
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
18
Which of the following is true about effective security?

A)Assessment of security resources enables organizational personnel to devise methods to protect information systems data.
B)Assessment of security resources provides super users with in depth access knowledge.
C)Assessment of security resources enables organizational personnel to alter the flow of information.
D)Assessment of security resources enables organizational personnel to define terms in the data dictionary.
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
19
Which of the following measures are recommended for enhancing information security?

A)File deletion software is used to overwrite hard disk files, using meaningless information.
B)Storage media that has been erased is disposed of in the dumpster.
C)Individuals routinely witness and record the destruction of records.
D)Papers such as prescriptions, laboratory specimen labels, and identification bracelets are disposed of in the dumpster.
E)Each page of output is assigned a serial number and the numbers are recorded when documents are destroyed.
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
20
Passwords are a common means to authenticate access to automated records. Which of the following are recommendations for password selection and use?

A)Using software to test and eliminate easily compromised passwords
B)Using the browser "password save" feature
C)Deleting and replacing all system user passwords when an employee is terminated
D)Storing passwords in a file on the computer
E)Using the same password for access to all sites or systems
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
21
The Health Insurance Portability and Accountability Act (HIPAA) requires organizations to determine threats and appropriate protective measures for information, not only in electronic formats, but in all formats. Which of the following measures cannot be incorporated by organizations to secure all data?

A)Creation of authentication policies
B)Specific software
C)Spyware
D)Firewall
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 21 flashcards in this deck.
QuizPlus
surly
Quizplus
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App
surly
English
English
العربية
Scan to downloadDownload the App
qr-code

English
English
العربية
Copyright © 2025 Quizplus LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree