312-50V13 · Question #279
Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and
The correct answer is A. HIPPA/PHl. HIPAA/PHI Violation Explained Why A is Correct: HIPAA (Health Insurance Portability and Accountability Act) combined with PHI (Protected Health Information) is specifically designed to safeguard patients' private medical records. When a medical company exposes patient health data
Question
Options
- AHIPPA/PHl
- BPll
- CPCIDSS
- DISO 2002
How the community answered
(37 responses)- A89% (33)
- B3% (1)
- C5% (2)
- D3% (1)
Explanation
HIPAA/PHI Violation Explained
Why A is Correct: HIPAA (Health Insurance Portability and Accountability Act) combined with PHI (Protected Health Information) is specifically designed to safeguard patients' private medical records. When a medical company exposes patient health data publicly on the Internet, this is a direct violation of HIPAA regulations, which mandate strict controls over the storage, transmission, and accessibility of healthcare information.
Why the Distractors Are Wrong:
- B (PII - Personally Identifiable Information) is a broader privacy concept, not a specific healthcare regulation; while medical records contain PII, the specific regulatory framework violated in a healthcare context is HIPAA
- C (PCI DSS) governs credit card and payment data security, not medical records
- D (ISO 2002) is not a recognized cybersecurity standard (likely a distractor referencing ISO 27002, which is a general information security framework, not healthcare-specific)
Memory Tip: Think "H for Hospital = HIPAA" - whenever you see a scenario involving medical records, patient data, or healthcare companies, HIPAA/PHI is almost always the answer. Also note the question spells it "HIPPA," which is a common misspelling of HIPAA - don't let that trick you on exams!
Topics
Community Discussion
No community discussion yet for this question.