Lab Assessment Questions
LaToya S. Brooks
Answer the following questions pertinent to GLBA and HIPAA privacy and security rules.
1. Which US government agency acts as the legal enforcement entity for businesses and organizations involved in commerce?
2. Which US government agency acts as the legal enforcement entity regarding HIPAA compliance and HIPAA violations?
3. List three (3) similarities between GLBA and HIPAA.
1. They both protect businesses from exposing personal information.
2. They both are government organizations.
3. There are consequences for not complying with either of them.
4. List five (5) examples of privacy data elements for GLBA as defined in the privacy rule.
Name, SSN, address, DOB, financial records
5. List five (5) examples of privacy data elements for HIPAA as defined in the privacy rule.
An individual’s past, present, or future physical or mental health. Past, present, or future payment information, medical records, address, name, DOB, SSN
6. List three (3) differences between GLBA and HIPAA.
1. HIPAA is medical / GLBA is financial.
2. GLBA is enforced by the FTC / HIPAA is enforced by the OCR.
3. GLBA has fines associated with it / HIPAA has fines and jail time associated with it.
7. How do the GLBA and HIPAA privacy rules translate into information systems security controls and countermeasures?
The privacy rules require data to be secured and the transmission of such data must also be secured.
8. What three areas does the GLBA safeguard rule encompass?
Confidentiality, Integrity, Authenticity
9. What is ePHI?
Electronic protected health information
10. What three areas does the HIPAA security rule encompass for PHI?
a. Health care providers
b. Health care clearinghouses
c. Health plan
11. Are organizations under GLBA and HIPAA required to mail and inform their customers in writing about their privacy rights?
12. When you go to your...