400-007 · Question #114
400-007 Question #114: Real Exam Question with Answer & Explanation
The correct answer is D: technical integrity and transmission security. The core problem is a data integrity violation: PHI was modified without authorization. Under HIPAA's Technical Safeguards (45 CFR §164.312), the Integrity control requires covered entities to implement electronic mechanisms to corroborate that ePHI has not been improperly altere
Question
Options
- Atechnical and physical access control
- Badministrative security management processes
- Cphysical device and media control
- Dtechnical integrity and transmission security
Explanation
The core problem is a data integrity violation: PHI was modified without authorization. Under HIPAA's Technical Safeguards (45 CFR §164.312), the Integrity control requires covered entities to implement electronic mechanisms to corroborate that ePHI has not been improperly altered or destroyed, and Transmission Security ensures PHI is not modified during transit. These two controls directly address unauthorized alteration. Access control (A) governs who can authenticate and access systems, but alone cannot prevent an authorized user or a man-in-the-middle attack from modifying data in transit. Administrative security management (B) covers policies and risk analysis - important but not the direct technical resolution. Physical device and media control (C) addresses hardware custody (disposal, re-use), not data modification in transit or at rest.
Community Discussion
No community discussion yet for this question.