5.1 Orginizational Behavior Risks

Question 1

Printer safeguards (4 points)

Answer 1

Don’t share printers with other departments
Pick up doc immediately
Place printing locks/codes if possible
Don’t place in public areas

Question 2

Screen lock

Answer 2

Windows+L key

Password is require to unlock

Question 3

Force log off

Answer 3

Button allowing Someone to logout a user who has screen locked.

Question 4

Time lock

Answer 4

Limits hours PCs are available to login to

Question 5

SSO

Answer 5

Single sign on, one username/password to login to multiple systems.

Question 6

Instant message secure?

Answer 6

No, Not secured by default, sent in plain text

Question 7

Security officer

Answer 7

Determines policies necessary for security of phi.

Question 8

Audit trail

Answer 8

Record of activities, time stamp and users on EMR.

Question 9

Fax and PHI

Answer 9

Ensure recipient is authorized to receive
Send a cover sheet
Log fax transmissions
Audit speed dial numbers

Question 10

SFTP

Answer 10

Require username and passwords

Encryption of transmission

Question 11

VOIP

Answer 11

Voice over IP

Redundant internet and backup analog/fax lines to call out in event of failure

Question 12

MD

Answer 12

Medical doctor. Licensed to practice medicine without supervision.

Question 13

PA

Answer 13

Physicians assistant. Licensed to practice medicine with supervision. Can be primary care provider.

Question 14

NP

Answer 14

Nurse practitioner. Registered nurse who can sometimes work without supervision (state laws).

Question 15

RN

Answer 15

Registered nurse. Completed nursing school and passed licensing exam.

Question 16

LPN

Answer 16

Licensed practical nurse. Assists RNs and does bedside care.

Question 17

MA

Answer 17

Medical assistant. Not certified and works directly under provider or office manager.

Question 18

PCT

Answer 18

(Not the trail) provider who works directly under of licensed provider, usually does bedside care.

Question 19

System admin

Answer 19

Backups, configure/install/maintains computers,servers networks. Manages projects with info system. Train computer users.

Question 20

Security officer

Answer 20

Updates/patches computers and servers. Applies polices to protect PHI. grants access based on minimum required. Resolves vulnerabilities.

Question 21

Network admin

Answer 21

Maintain integrity of network. Setup/deploy/maintain of network devices.

Question 22

Database admin

Answer 22

Design and manage databases. Monitor data, reports.

Question 23

Desktop support

Answer 23

Support of computers and peripherals. Phones, tablets, printers, faxes.

Question 24

Role based access control

Answer 24

Assignment of access to info based on job title and not individual evaluation for need of access.

Question 25

Role based request

Answer 25

Request usually done by supervisor to allow employee access to info not in current role.

Question 26

Mandatory access control

Answer 26

Security mechanism were a user can only gains access to a resource if the security officer or admin grants access. Not piratical to manage in real world, usually for remote access users.

Question 27

Descretionary access control

Answer 27

User has control to grant access to resource owned by that user account.

Question 28

Break the glass

Answer 28

When access is crucial/emergency when care can't be delayed, username password or other means to access patient info right away.

Question 29

Risk management

Answer 29

Proactive approach to preventing lawsuits and liability issues due to medical errors.

Question 30

Two ways to protect PHI

Answer 30

Technical and physical safeguards