Question 1: Which of the following statements is NOT correct?
A) An HIE is a Health Insurance Exchange, where people sign up for insurance plans.
B) An HIE is a Health Information Exchange, which enables healthcare providers to -almost in real-time- access clinical information.
C) An HIE is a group of cooperating (and sometimes competing) organizations that must share information because of a common patient they are diagnosing or treating.
D) An HIE is usually defined by geographic boundaries.
Question 2: Which of the following is true about identity, access control, authorization, authentication, and role assignment?
A) They are collectively called provisioning.
B) They require level-2 identity proofing in healthcare systems as per the standard published by NIST Special Publications 800-63.
C) They are related in that user identity is fundamental to controlling access.
D) They are components of RBAC.
Question 3: Which of the following are rules of HIE access control? (select all that apply)
A) The data is always in the control of the source.
B) Once the data is sent, it is in the control of the recipient.
C) The holder of information can deny access to the information if it is not satisfied with access control.
D) The data is always in the control of the Data Services Hub.
Question 4: Which of the following is defined as the capability of the software product to maintain a specified level of performance when used under specified conditions?
A) Reliability
B) Availability
C) Maintainability
D) None of the above.
Question 5: True or False: System reliability focuses on the reliability of the software only.
True
False
Question 6: According to the textbook, data security breaches in healthcare systems fall under which of the following?
A) Reliability
B) Security
C) Performance
D) Privacy
E) None of the above.
F) All of the above.
Question 7: Which of the following are the three main components (goals) of data security?
A) Privacy, Confidentiality, Authentication
B) Confidentiality, Integrity, and Availability
C) Confidentiality, Control, Privacy
D) None of the above.
Question 8: The proportion of time a system is functioning is known as which of the following?
A) Reliability
B) Availability
C) Sustainability
D) Accessiblity
E) None of the above
Question 9: Which of the following terms refers to the capability of the software product to be modified?
A) Reformability
B) Upgradability
C) Maintainability
D) Reliability
E) Scalability
F) Modifiability
Question 10: When a hospital or small clinic is considering a health IT system, it should also consider its ability to easily and quickly accommodate large numbers of additional users and/or large increases in storage requirements. Which of the following is the architectural safeguard that ensures this capability?
A) Upgradability
B) Scalability
C) Modifiability
D) Availability
E) Maintainability
Question 11: A healthcare provider or organization plans to use cloud computing. Which of the following must be done to be in compliance with HIPAA? (select all that apply)
A) The organization must add operational safeguards to its overall security program.
B) The cloud vendor must be in compliance with HIPAA.
C) As long as the cloud vendor is a U.S. vendor, the business associate agreement does not need to address whether the data is hosted in the U.S. or overseas.
D) The cloud vendor must sign the health organization's business associate agreement.
Question 12: The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 was enacted in to promote which of the following? (select all that apply)
A) HIPAA
B) Operational Safeguards
C) Adoption of meaningful use in HIT