PracticeQuiz content is free on an ad-supported model.

Unfortunately, we can't support ad blocker usage because of the impact on our servers. If you'd like to continue, please disable your ad blocker and reload page.

Reload page

IAPP CIPP/US Practice Exam

Category - Professional

Start a Study Session Sign up for Question of the Day

A data breach involving the unauthorized disclosure of personal health information. The organization experiencing the breach is covered by HIPAA and the Health Breach Notification Rule. Which agency mandates data breach notification to affected parties?

HITECH enforcement agencies
Federal Communications Commission
Department of Health and Human Services
Federal Trade Commission and Department of Health and Human Services

Explanation

Answer D: The FTC sets forth the Health Breach Notification Rule. If the entity experiencing the breach is covered by the HIPAA Breach Notification Rule, the Federal Trade Commission and the Secretary of the U.S. Department of Health and Human Services must be notified.

Some instances require notifying the media about the data breach. The Department of Health and Human Services’ Breach Notification Rule and FTC’s Health Breach Notification Rule explain the requirements and guidelines for notifications.

Was this helpful? Upvote!

Start a Study Session Sign up for Question of the Day

IAPP CIPP/US Practice Exam

Top questions

Related questions

Most popular on PracticeQuiz

Ad-Blocker not supported

IAPP CIPP/US Practice Exam

Top questions

Related questions

Most popular on PracticeQuiz