ExpertMedium1 markMultiple Choice
CPA · Question 27 · Area II: Security
A healthcare provider stores patient records in a cloud database. Which HIPAA rule specifically governs the technical safeguards (like encryption and access control) for this electronic Protected Health Information (ePHI)?
A healthcare provider stores patient records in a cloud database. Which HIPAA rule specifically governs the technical safeguards (like encryption and access control) for this electronic Protected Health Information (ePHI)?
Answer options:
A.
HIPAA Privacy Rule
B.
HIPAA Security Rule
C.
HIPAA Breach Notification Rule
D.
HIPAA Omnibus Rule
How to approach this question
Distinguish between Privacy (Rights/Usage) and Security (Protection/Safeguards).
Full Answer
B.HIPAA Security Rule✓ Correct
HIPAA Security Rule
The Security Rule operationalizes the protections for ePHI. The Privacy Rule is broader and covers rights and permitted disclosures.
Common mistakes
Confusing Privacy Rule and Security Rule.
Practice the full CPA ISC Practice Exam 2
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll platform where clients access the software ...MediumQ02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...HardQ03During a walkthrough of the change management process, an auditor observes that developers have w...MediumQ04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...HardQ05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium