Not training the personnel is not a threat else a risk.
The threat was the ability of the software to modify the patient's information during the fix process.
A. HealthGenic did not train its personnel to use the software.
I don't think this is a threat. This is more of a risk as the company is not meeting the awareness and training requirements with it measures and metrics.
B. The software company modified information related to HealthGenic’s patients
This is also a risk but but its an external threat.
Threats are used to assess the external issues of an organisation.
C. HealthGenic used a web-based medical software for storing patients' confidential information
Again, I would say a risk. As long as the correct controls are in place to secure the data.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
AlphaFocus
1 week, 6 days agofreddyflex
1 month agoAcrisius
2 months, 1 week ago