ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A U.S. healthcare network plans to re-host its electronic health record (EHR) application on Amazon EC2 and store patient diagnoses, lab results, and insurance identifiers in Amazon RDS. Before selecting controls such as at-rest encryption, key management, and detailed audit logging, the security team must confirm which U.S. federal regulation governs the protection of this electronic protected health information (ePHI) in the AWS environment?
Payment Card Industry Data Security Standard (PCI DSS)
Federal Information Security Modernization Act (FISMA)
Health Insurance Portability and Accountability Act (HIPAA)
The data elements described (patient diagnoses, laboratory results, and insurance information) are all considered electronic protected health information under U.S. law. The Health Insurance Portability and Accountability Act (HIPAA) establishes national standards for safeguarding the confidentiality, integrity, and availability of ePHI handled by covered entities and their business associates, including when that data resides in a public cloud such as AWS. PCI DSS is focused on payment card data, SOX addresses financial reporting controls for public companies, and FISMA applies to federal information systems; none of these specifically regulate the handling of medical records for private-sector healthcare providers. Therefore, HIPAA is the controlling regulation the security team must address.
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices