A covered entity suffers a ransomware attack that affects the personal health information (PHI) of more than 500 individuals. According to Federal law under HIPAA, which of the following would the covered entity NOT have to report the breach to?
The correct answer is D. Medical providers.
Reference: The IAPP textbook, U.S. Private-Sector Privacy, 4th Edition, 2024, Section 8.2.1 Notice of Breach: "If there is a high probability that the security or privacy of the information (financial, reputational, or other) has been compromised, a covered entity must notify individuals within 60 days of discovery. If the breach affects more than 500 people, the covered entity must notify the HHS immediately, and if the breach affects 500 or more in the same jurisdiction, it must notify the media."
Medical providers are not among those to whom the covered entity should report the breach, making choice D the next answer to the question asked.
Breach Notification Requirements
Following a breach of unsecured protected health information, covered entities must provide notification of the breach to affected individuals, the Secretary, and, in certain circumstances, to the media. In addition, business associates must notify covered entities if a breach occurs at or by the business associate.
Individual Notice
Covered entities must notify affected individuals following the discovery of a breach of unsecured protected health information.
Media Notice
Covered entities that experience a breach affecting more than 500 residents of a State or jurisdiction are, in addition to notifying the affected individuals, required to provide notice to prominent media outlets serving the State or jurisdiction.
Notice to the Secretary (notify the Secretary by visiting the HHS website)
In addition to notifying affected individuals and the media (where appropriate), covered entities must notify the Secretary of breaches of unsecured protected health information. Covered entities will notify the Secretary by visiting the HHS website and filling out and electronically submitting a breach report form.
If a breach affects 500 or more individuals, covered entities must notify the Secretary without unreasonable delay and in no case later than 60 days following a breach. If, however, a breach affects fewer than 500 individuals, the covered entity may notify the Secretary of such breaches on an annual basis.
Reports of breaches affecting fewer than 500 individuals are due to the Secretary no later than 60 days after the end of the calendar year in which the breaches are discovered.
https://www.hhs.gov/hipaa/for-professionals/breach-notification/index.html