HCISPP Free Practice Test

Which of the following is the BEST reason for the use of security metrics?

1. A. They ensure that the organization meets its security objectives.
2. B. They provide an appropriate framework for Information Technology (IT) governance.
3. C. They speed up the process of quantitative risk assessment.
4. D. They quantify the effectiveness of security processes.

Correct Answer: B

Under the HIPAA Privacy Rule, who is NOT considered a covered entity?

1. A. Clearinghouse
2. B. Client patient
3. C. Health practitioner
4. D. Third party

Correct Answer: B
A health care provider, health plan, and a clearinghouse are all considered covered entities. HIPAA compliance is required of all covered entities.

Each state has the same laws, rules, and/or regulations governing confidentiality of health care information.

1. A. True
2. B. False

Correct Answer: B

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

1. A. Walkthrough
2. B. Simulation
3. C. Parallel
4. D. White box

Correct Answer: C

If you see other staff violating privacy policies you should?

1. A. Ignore it.
2. B. Give them a helpful, gentle reminder
3. C. Report problems and violations
4. D. Both answer B & C

Correct Answer: D