ExpertHard1 markMultiple Choice
CPA · Question 55 · Area II: Security
Which of the following is a requirement of the HIPAA Security Rule but NOT the Privacy Rule?
Which of the following is a requirement of the HIPAA Security Rule but NOT the Privacy Rule?
Answer options:
A.
Notice of Privacy Practices.
B.
Minimum Necessary standard.
C.
Implementation of technical safeguards like encryption and audit controls for ePHI.
D.
Authorization for disclosure.
How to approach this question
Privacy Rule = Rights, Paperwork, Uses. Security Rule = Tech, Encryption, Backups, ePHI.
Full Answer
C.Implementation of technical safeguards like encryption and audit controls for ePHI.✓ Correct
C
The HIPAA Security Rule specifically addresses the protection of Electronic Protected Health Information (ePHI) through administrative, physical, and technical safeguards. The Privacy Rule covers all PHI (paper, oral, electronic) and focuses on rights and usage.
Common mistakes
Confusing the two rules.
Practice the full CPA ISC Practice Exam
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is performing a risk assessment for a client that uses a public cloud provider for its core...HardQ02During a walkthrough of a client's change management process, the auditor notes that developers h...HardQ03A service organization provides a real-time transaction processing platform. The service level ag...HardQ04An auditor is reviewing a SQL query used by the finance team to generate a report of all sales tr...HardQ05A healthcare clearinghouse is preparing for a SOC 2® engagement. They utilize a private cloud dep...Hard