Certified Information Systems Security Professional (CISSP) — Question 189

When developing an electronic health record (EHR) in the United States (US), which of the following would be the BEST source of information for any compliance requirements?

Answer options

• A. World Health Organization (WHO)
• B. International Organization for Standardization (ISO)
• C. Health and Human Services (HHS)
• D. American Public Health Association (APHA)

Correct answer: C

Explanation

The Health and Human Services (HHS) is the primary government agency responsible for health-related regulations in the US, making it the most authoritative source for compliance requirements in electronic health records. In contrast, the WHO and ISO provide international guidelines, which may not address US-specific compliance needs, while the APHA focuses on public health advocacy rather than regulatory compliance.