Suspected Security Breach or Hacked Device
Use of Personal Equipment
Organizational Response
Confidentiality Requirements
Documentation and Follow-Up/Internet and Network Security
100

If you think you’ve been hacked, you shouldn’t immediately stop accessing organizational systems on that device. TRUE OR FALSE?

False

100

How can you protect your computer at home?

A. Disable the password feature
B. Authorize automatic installation of mobile code
C. Disable automatic security updates
D. Turn on spyware protection

D. Turn on spyware protection

100

The organization must investigate and respond to this.

Reported breach 

100

I can talk about clients with an unauthorized person as long as I don’t say any names or any other identifiable information. TRUE OR FALSE?

FALSE

100

Incidents must be recorded in this.

Incident report 

200

Which of the following e-mail practices can help to prevent inadvertently downloading viruses?

    A. View e-mails in rich text instead of plain text

    B. Use the Preview Pane instead of opening e-mails

    C. Look for a digital signature on e-mails

    D. Forward e-mails you suspect to be infected to your information technology POC

 C. Look for a digital signature on e-mails

200

Client information must never be stored _____ on personal devices. 

Permanently 

200

What is a confirmed data breach?

Organizations may need to notify affected individuals in this situation.

200

Name 4 things confidential information includes but is not limited to.

- Client names, clinical documentation, treatment plans, diagnoses, contact information, personal or medical information 

200

What is compliance or corrective action?

Follow-up ensures this after an incident.

300

Who do I contact when I believe I’ve been hacked?

Management team 

300

Which of the following is an allowed use of a government-furnished smartphone?

    A. Installing a sports betting app

    B. Downloading games for your child to play

    C. Responding to e-mails on your government e-mail account

    D. Jailbreaking the device to customize it

 C. Responding to e-mails on your government e-mail account

300

What is additional training?

Staff may be required to complete this after a violation.

300

This type of information includes names, DOB, and diagnoses.

Confidential information 

300

What is multi-factor authentication?

This adds an extra layer of security beyond your password.

400

Delaying reporting a breach can cause?

increased risk or damage

400

What is report it to your supervisor?

If your personal device is lost or stolen and contains client info, you must do this immediately.

400

This may happen if policies are not followed.

Disciplinary action

400

What is a confidentiality breach?

Talking about clients in public places like elevators or restaurants is this.

400

Clicking suspicious links in emails can lead to this type of attack.

Phishing

500

What is unauthorized access to protected health information?

This type of information exposure must always be reported, even if accidental.

500

Using your personal phone to text a client without agency approval is what type of violation?

A HIPAA violation 

500

What is the HIPAA Breach Notification Rule?

This federal rule requires breach notifications in certain cases.

500

Sharing client information only with those involved in care is called?

Company policy 

500

What are your login credentials?

You should never share this, even with coworkers.