Save
Busy. Please wait.
Log in with Clever
or

show password
Forgot Password?

Don't have an account?  Sign up 
Sign up using Clever
or

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't Know
Remaining cards (0)
Know
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

HIT 63

CHAPTER 17

QuestionAnswer
Safeguarding 维护 Information refers to protecting electronic information from unwanted access, sometimes known as a breach 违反
Confidentiality is the act of limiting disclosure of private matters
Information privacy The right of an individual to keep information about themselves from being disclosed to anyone.
Data Security protecting data from unauthorized (accidental or intentional) modification, destruction (the act of destroying 销毁), or disclosure (exposure 披露).
Data integrity means that data should be complete, accurate, consistent, and up-to-date.
Physical (Safeguard 保障) definition: Measure taken to (1) prevent loss through use of locks, burglar proofing, guards, etc., and (2) prevent disaster through access control, alarms, fireproof vaults, fire-suppression (sprinkler) system, power backup, etc.
Administration Safeguards are documented, formal practices to manage data security measures throughout the organization. policies and procedures should be written and formalized in a policy manual.
Access Control means being able to identify which employees should have access to what data.
Administrative controls include policies and procedures that address the management of computer resources.
Examples of administrative controls one such policy might direct users to log-off the computer system when they are not using it. Another policy might prohibit employees from accessing the Internet for purposes that are not work-related
Application Controls contained in the application software or computer programs, which include: password management, edit check, audit trail, and etc. Application controls are important because they are automatic checks that help preserve data confidentiality & integrity 诚信
Audit trail is a software program that tracks every single access to data in the computer system. It logs the name of the individual who accessed the data, the date and time, and the action (modifying, reading, or deleting data)
Business continuity plan (BCP) is for handle an unexpected computer shutdown caused by an intentional or unintentional event or during a natural disaster.
Business continuity Plan (BCP) also called contingency 应急 and disaster planning
Hacker 黑客 a microcomputer user who attempts to gain unauthorized access to proprietary 专有computer systems.
Security breach An act from outside an organization that bypasses or contravenes 违反 security policies, practices, or procedures. A similar internal act is called security violation.
contravene to contravene the law
breach the violation of the law. To break or act contrary 相反 to (a law, promise, etc.). 违反
mitigate 减轻 to make less severe: to mitigate a punishment. to lessen in force or intensity, as wrath, grief, harshness, or pain; moderate.
Edit checks help to ensure data integrity by allowing only reasonable and predetermined values to be entered into the computer
Types of application controls password management, edit checks, and audit trail
Security Means to control access and protect information from accidental or intentional disclosure to unauthorized persons and from alteration, destruction, or loss.
1 of 5 Security threats caused by people Unintentional mistakes: Employees who 1 of 5, Threats from insiders who make unintentional mistakes: accidentally make a typographical error, inadvertently delete files on a computer disk, or unknowingly give out confidential information.
2 of 5 Security threats caused by people Threats from insiders who abuse their access privileges to information: Such threats could be employees who knowingly disclose information about a patient to individuals who do not have proper authorization.
3 of 5 Security threats caused by people Threats from intruders who attempt to access information or steal physical resources: Individuals may physically come onto th eorganizatin's progperty to access information or steal equipment such as laptop computers or printers.
4 of 5 Security threats caused by people Threats form insiders who access information or computer systems for spite or profit: Generally, such employees seek information for the purpose of committing fraud or theft.
5 of 5 Security threats caused by people Threats from vengeful employees or outsiders who mount attacks on the organization's information systems: Disgruntled employees might destroy computer hardware or software. delete or change data, or enter data incorrectly into the computer system.
Categories of people-oriented security threats 1. innocent mistakes. 2. abuse privileges. 3. access or alter data for spite or profit. 4. steal or otherwise harm systems. 5. vengeful employees or outsiders who mount attacks.
Vengeful inflicting or taking revenge 复仇: with vengeful blows.
disgruntled grouchy 不高兴, testy, sullen 忧郁, grumpy 性情乖戾的, dissatisfied. 不满
Data availability means making sure the organization can depend on the information system to perform exactly as expected, without error, and to provide information when and where it is needed.
Technical Safeguards consist of: Access controls, Audit controls, Data integrity 诚信, person or entity authentication, and Transmission security
encryption (to put (computer data) into a coded form ). To put (a message) into code is a process that encodes textual material, converting it to scrambled data that must be decoded in order to be understood. The message is a jumble of unreadable characters and symbols as it is transmitted through the telecommunication network. 加密
HIPAA's Security Rule HIPAA's Security Rule divides its protections into three "safeguard" categories: physical (discussed here), administrative and technical. Each safeguard category includes various standards and implementation specifications.
Security incident A security incident is an alert to the possibility that a breach of security may be taking, or may have taken, place.
Created by: Lilyn Ta
Popular Surgery sets

 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!
"Know" box contains:
Time elapsed:
Retries:
restart all cards