2. If an information technology auditor working on behalf of a hospital with a v

Question

2. If an information technology auditor working on behalf of a hospital with a valid business
associate agreement inadvertently loses the unencrypted medical billing records of 400
individuals, what type of notification is NOT required?
A. The hospital must provide notice to prominent media outlets serving the state or jurisdiction.
B. The hospital or auditor must provide individual notice to the affected individuals.
C. The hospital must notify the Secretary of the Department of Health and Human Services
(HHS).
D. The auditor must notify the hospital following discovery of the breach.
3. The National Do Not Call Registry is primarily enforced by which two entities through their
regulation of two different federal laws relating to telemarketing?
A. Department of Transportation and the FTC.
B. US Department of Justice and the FTC.
C. Department of Commerce and the FCC.
D. The FTC and FCC.
4. If a user of a consumer report takes adverse action against a consumer based on information
contained in the consumer report (i.e. an employer denies employment to a job applicant due to
the contents of the applicant's consumer report), which of the following does NOT need to be
disclosed to the consumer?
A. The name, address, and telephone number of the consumer reporting agency that provided
the consumer report.
B. A statement explaining to the consumer that he has the right to obtain a copy of the consumer
report free of charge from the consumer reporting agency.
C. An explanation of the technical safeguards instituted by the consumer reporting agency that
protect the consumer's confidential information.
D. A statement advising the consumer of his right to dispute the accuracy or completeness of the
consumer report with the consumer reporting agency.
5. In accordance with the Bank Secrecy Act, under which circumstance must a financial
institution (as defined by the Bank Secrecy Act) file a suspicious activity report?
A. When the bank detects a suspicious transaction of $25,000 even if the bank does not know
the identity of the perpetrator.
B. For all transactions over $7,500.
C. For all transactions over $2,500.
D. When the bank detects a suspicious cash transaction of $1,000 coupled with a credit
transaction of $3,000.
6. When a website operator states in its privacy notice that it will not share financial information
with third parties and then shares financial information with a third-party affiliate, what recourse
may occur?
A. The FTC may bring an action against the operator for unfair competition.
B. The FTC may bring an action against the operator for a deceptive trade practice.
C. A user of the website may bring a criminal sanctions against the operator.
D. The FTC may bring an action under Section 75 of the Federal Trade Commission Act.

Explanation / Answer

If you post more than 1 question, as per chegg guidelines I ahve to solve only first question.

Ques 2. Answer : (A) The hospital must provide notice to prominent media outlets serving the state or jurisdiction.

It is not necessary to tell the media about the breach.

But it is necessary to tell the individuals whose data is leaked and also the hospital as it is their responsibility to make sure that data is not lost.

Also, they should also tell the Department of Health and Human Services about he breach.

Related Questions

Navigate

• Browse (All)
• Browse 2
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.