CertNexus Certified Cyber Secure Coder (CSC) — Question 16

Organizations considered “covered entities” are required to adhere to which compliance requirement?

Answer options

• A. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• B. Payment Card Industry Data Security Standard (PCI DSS)
• C. Sarbanes-Oxley Act (SOX)
• D. International Organization for Standardization (ISO) 27001

Correct answer: A

Explanation

The correct answer is A, as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) specifically governs the privacy and security of health information for covered entities. The other options, while related to different areas of compliance, do not apply to healthcare organizations in the same way that HIPAA does.