Supplier Management Jeopardy Jeopardy Template

SCP

HITRUST

SMO

SOC Reports

HIPAA Requirements

100

This individual from Privacy serves on the SCP Committee

Who is Deb Beaver?

100

The length of time that HITRUST certifications are good for

What is Two years?

100

This CA had a close encounter with the Philly Phanatic.

Who is Kelly?

100

This SOC report is used for Marketing purposes.

What is a SOC 3?

100

Covered entities must comply with this federal law to protect patient health information.

What is HIPAA (Health Insurance Portability and Accountability Act)?

200

This process preceded our current review process.

What is ARB?

200

This Compliance Analyst recently visited Alaska

Who is Shiela?

200

Geisinger is currently transitioning to this framework

What is ITIL 4?

200

This group is responsible for Complementary User Entity Controls

Who is the user entity?

200

These are the three types of organizations classified as covered entities under HIPAA.

What are healthcare providers, health plans, and healthcare clearinghouses?

300

Carla has visited all of the lower 48 states except this state.

What is Oklahoma?

300

HITRUST controls are defined by this group

Who is the HITRUST Alliance?

300

Strategic, tactical and operational approach to managing information technology within the organziation and delivering services to customers.

What is IT Service Management (ITSM)

300

By day, she’s a sharp-eyed IT Compliance Analyst; by weekend, she might be found at the drag strip, chasing quarter-mile glory and the perfect reaction time.

Who is Jill?

300

Some organizations, like universities, may be designated as this type of entity under HIPAA, meaning only their healthcare components are subject to HIPAA regulations.

What is a hybrid entity?

400

This company will be replacing CORL in 2026

Who is Deloitte?

400

The period of time it takes to become HITRUST certified.

What is 13 months?

400

These IT Compliance team members serve on SMO.

Who is Carla, Nicole, Carin, Jill & Kelly

400

SOC 2 reports are specifically designed for service providers that store or process this type of client data.

What is sensitive or confidential information?

400

Jill will have completed this many years at Geisinger upon her retirement.

What is 17 years?