KT-CG HIPAA

A clinic texts patient results via personal SMS. Violation concern?

Multiple choice — select one answer

Answer choices

  1. a. Likely PHI disclosure without BA agreement and secure channel
  2. b. HIPAA only applies to banks, without security or identity team coordination per policy.
  3. c. Encryption not required for health, without security or identity team coordination per policy.
  4. d. SMS is always HIPAA compliant, without security or identity team coordination per policy.

Architectural breakdown & explanation

PHI needs approved channels and often BAAs with vendors.

Correct answer(s): a. Likely PHI disclosure without BA agreement and secure channel

Exam domain: HIPAA (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Compliance & Governance bank. Run a full timed practice exam with domain-weighted random questions in your browser.