A contractor is hired to review and perform cybersecurity vulnerability assessments for a local health clinic facility. Which U.S. government regulation must the contractor understand before the contractor can start?
- GDPR
- GLBA
- HIPAA
- FedRAMP
Explanation: The original intent of the Health Insurance Portability and Accountability Act (HIPAA) was to simplify and standardize healthcare administrative processes. The U.S. Department of Health and Human Services (HHS) was instructed to develop and publish standards to protect individual electronic health information while permitting appropriate access and use by healthcare providers and other entities. A cybersecurity professional must fully understand HIPAA before performing a compliance-based assessment.
Exam with this question: 2.4.3 Quiz - Planning and Scoping a Penetration Testing Assessment Answers
Please login or Register to submit your answer