Question

technology continues to grow. Check Your Understanding 13.3 Instructions: Indicate whether the following statements are true or false (T or F). 1. Data encryption ensures that data transferred from one location on a network to another are secure from eavesdropping or data interception. 2. Assignment of patient medical record numbers is one of the priorities of the HIM professional during system downtime during a disaster. 3. Facsimile machines provide a highly secure method of communication 4. Compliance with the HIPAA Security Rule is the only standard that should be considered when developing a secunty plan and performing a risk assessment. 5. Disaster recovery and contingency plans related to ePHI are nice to have but not necessary 6. An organization's firewall limits external Internet users from accessing portions of the healthcare network, but it does not limit internal users from accessing portions of the Internet. 7. E-mail related to patient care should be kept separate from the patient medical record,

Answer 1

1. Answer: True.

Data encryption ensures that data transferred from one location on a network to another are secure from eavesdropping or data interception. Data encryption is the most effective method of data security from one location to another on a network. Data encryption ensures that any sensitive data is more secure and less prone to interception by unauthorized people. Here the data is translated into a secure code or is encrypted, and a password is required to decode it. Unauthorized people without the password cannot do eavesdropping or data interception.

2. Answer: True

Assignment of patient medical record numbers is one of the priorities of the HIM professional during system downtime during a disaster. Health information management professionals have a significant role in providing support during emergencies. They coordinate the request as well as the receipt for required medical records at emergency care and trauma care sites.

3. Answer: False

Facsimile machines do not provide a highly secure method of communication, as their signals are prone to interception. The device for interception is capable of both phone line fax and radio fax signal interception.

4. Answer: False

Compliance with the HIPAA Security Rule is not the only standard that should be considered when developing a security plan and performing a risk assessment. Developing a security plan and performing risk assessment needs to be compliant with many other standards that could make data more secure and less vulnerable.

5. Answer: False

Disaster recovery and contingency plans related to ePHI are must-haves to prevent data loss and process continuity in the event of a disaster. Disaster recovery and contingency plans help to reduce interruptions caused due to a disaster and help in a faster recovery.

6. Answer: True

An organization's firewall limits external Internet users from accessing portions of the healthcare network, but it does not limit internal users from accessing portions of the Internet. Firewalls are programs used to limit external access, to control the traffic flow between networks or hosts that use different security postures.

7. Answer: False

E-mail related to patient care should be kept along with the patient medical record for the convenience of data handling. This is considered to be good from the data security perspective also. The health information including emails are protected by HIPPA rules once it is received by the provider.