Analyzing and Comparing GLBA and HIPAA 1

Lab Assessment Questions & Answers 

  1. Which U.S. government agency acts as the legal enforcement entity for businesses and organizations involved in commerce? 
  2. Which U.S. government agency acts as the legal enforcement entity regarding HIPAA compliance and HIPAA violations? 
  3. List three (3) similarities between GLBA and HIPAA. 
  4. List five (5) examples of privacy data elements for GLBA as defined in the Financial Privacy Rule. 
  5. List five (5) examples of privacy data elements for HIPAA as defined in the Privacy Rule.
  6. List three (3) differences between GLBA and HIPAA.
  7. How do GLBA’s and HIPAA’s privacy rules translate into information systems security controls and countermeasures?
  8. What three areas does the GLBA Safeguards Rule encompass?
  9. What is ePHI?
  10. What three areas does the HIPAA Security Rule encompass for PHI?
  11. Are organizations under GLBA and HIPAA required to mail and inform their customers in writing about their privacy rights?
  12. When you go to your doctor’s office, one of the forms the office asks you to fill in and sign is a HIPAA Release Form authorizing your doctor to share your medical records and privacy data with third parties, including health insurance companies. Is this an example of the HIPAA Privacy Rule or the HIPAA Security Rule?
  13. Why is a Business Associate Agreement/Contract required between a HIPAA-covered entity and a downstream medical or service provider to that covered entity?
  14. Like HIPAA, GLBA has both privacy and security rules. What are the official names of these rules in GLBA law?
  15. True or false: GLBA encompasses insurance companies and stock brokerage firms. 
