Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Question 16
Type: MCMA
Together the Joint Commission and HIPAA require that health care providers perform a business impact analysis,
employ crisis management, conduct employee training, implement ongoing continuity plan reviews, plan for
information technology disasters and recovery, and audit their continuity plan processes. There are other groups
that demonstrate interest in business continuity management. Which of the following are included in those other
groups?
Standard Text: Select all that apply.
1. National Institute of Standards and Technology (NIST)
2. Disaster Recovery Institute International
3. Federal Emergency Management Agency (FEMA)
4. Food and Drug Administration (FDA)
5. Bioterrorism Working Group, Centers for Disease Control and Prevention (CDC)
Question 17
Type: MCSA
In 2001, the Joint Commission introduced new emergency management standards for hospitals, long-term care
facilities, and behavioral health and ambulatory care that focus on the concept of community involvement in the
management process. What event was recently added by the Joint Commission to the list of events that
organizations must consider in their plans?
1. Disaster preparedness
2. Bioterrorism
3. Information security
4. Recovery planning
Question 18
Type: MCSA
A continuity plan is a critical aspect of an organization's risk management strategy and is instrumental to its
survival in the aftermath of a disaster. Tolerance for IT downtime is rapidly declining; a recent survey set the
figure at how many hours or less?
1. 5 hours
2. 10 hours
3. 18 hours
4. 24 hours
Question 19
Type: MCSA
Each organization must select its criteria for business disaster recovery timeframes based upon its own
perspective. Data flowcharts help to ensure which of the following?
1. The timeframes are appropriate
2. Integrity of the information is maintained
3. All critical processes are documented
4. No personnel are left out of the process
Question 20
Type: MCSA
Which of the following statements is not true about continuity planning?
1. A good continuity plan is intentionally ambiguous to prevent hacking.
2. Wait time decreases satisfaction and can diminish quality of care.
3. Health care organizations are catching up with other industries in understanding the business case for continuity
of operations.
4. Health care organizations must be able to effectively deal with crises.
Question 21
Type: MCSA
The HIPAA security rule requires continuity planning and disaster recovery processes. In response, all health care
organizations must have which of the following?
1. A data backup and a recovery plan
2. A data backup plan, a recovery plan, an emergency mode of operation plan, and testing and evaluation
procedures
3. An emergency mode of operation plan and testing and evaluation procedures
4. A data backup plan
Question 22
Type: MCSA
Post-disaster recovery expenses usually exceed anticipated costs, leading to changes in recovery strategies that
can be used for future disasters. What can planners do to minimize the budget variations?
1. Hold mock disasters.
2. Increase the budget line in anticipation of a disaster.
3. Set aside funds to supplement the budget.
4. Complete the grant writing process to supplement the existing budget.
Question 23
Type: MCSA
Post-disaster feedback is crucial to the design and implementation of a better continuity plan for future health care
agency use. Which of the following supports this statement?
1. The feedback should be used to identify what worked and what did not. Plans that looked good before a disaster
may not look so good after one.
2. Feedback collected after disasters (or mock disasters) is not useful since the staff had no other options during
the disaster.
3. Feedback collected after disasters (or mock disasters) is not necessarily accurate.
4. Feedback collected after disasters (or mock disasters) provides data for change in a limited number of areas.
Question 24
Type: MCSA
Which of the following is not a benefit of an effective disaster plan?
1. Limits the loss of data
2. Increase in the budget line to prepare for future disasters
3. Limits loss of equipment
4. Offers a logical system to employ during an unforeseen disaster
Question 25
Type: FIB
____________________________ is broadly defined as the process that seeks to ensure organizations are capable
of withstanding any disruption to normal functioning
Standard Text:
Question 26
Type: MCSA
Business continuity planning (BCP) is not a one-step or one-time activity but is a set of successive stages that are
repeated periodically. It is best characterized as a life cycle. Which of the following supports continuity planning?
1. Lost or corrupted data are costly to re-create and threaten the survival of a business or health care delivery
system in a highly competitive environment.
2. Business continuity planning is done after the implementation process.
3. Business continuity planning is associated with the cost incurred by vendors.
4. Located data after a disaster is generally corrupted.
Question 27
Type: MCMA
Which of the following are advantages of continuity planning?
Standard Text: Select all that apply.
1. Identifies strategies for correction of vulnerabilities within the organization
2. Provides a reasonable amount of protection against interruption in services, downtime, and data loss
3. Allows time for restoration of equipment, the facility, and services
4. Helps to ensure compliance with HIPAA legislation and requirements of the Joint Commission
5. Expedites reporting of diagnostic tests
Question 28
Type: MCSA
Which law authorized development of a national, near-real-time information network to coordinate federal and
state response to public health emergencies?
1. HIPAA
2. The Pandemic and All-Hazards Preparedness Act (PAHPA)
3. Sarbanes–Oxley Act of 2002
4. The Federal Information Privacy and Security Act of 2002
Question 29
Type: MCMA
Which of the following are stages of the continuity life cycle?
Standard Text: Select all that apply.
1. Organizational structure and objectives
2. Analysis
3. Implementation
4. Solution design
5. Testing and acceptance
