Podcast
Questions and Answers
According to the policy, who is required to receive training on encryption best practices?
According to the policy, who is required to receive training on encryption best practices?
- Only contractors handling PHI
- Both employees and contractors handling PHI
- Only employees handling PHI
- Employees, contractors, and affiliates handling PHI (correct)
What is the minimum necessary period that PHI should be retained for according to the policy?
What is the minimum necessary period that PHI should be retained for according to the policy?
- As required by applicable laws and regulations (correct)
- 90 days
- 60 days
- 30 days
Which of the following is NOT a method suggested for secure transmission of PHI?
Which of the following is NOT a method suggested for secure transmission of PHI?
- Other secure means
- Fax
- Unencrypted file transfer protocols (correct)
- Encrypted email
What is the purpose of incident reporting according to the policy?
What is the purpose of incident reporting according to the policy?
Who should an employee report suspected breaches, loss, or unauthorized access of PHI to?
Who should an employee report suspected breaches, loss, or unauthorized access of PHI to?
What action may be taken for non-compliance with the policy's requirements?
What action may be taken for non-compliance with the policy's requirements?
Which aspect of encryption must be managed securely according to the policy?
Which aspect of encryption must be managed securely according to the policy?
What is a strict prohibition regarding personal devices when handling PHI?
What is a strict prohibition regarding personal devices when handling PHI?
Who is responsible for approving all updates or revisions to the policy?
Who is responsible for approving all updates or revisions to the policy?
Flashcards are hidden until you start studying