CertNexus Exam ITS-110 Topic 1 Question 26 Discussion

Actual exam question for CertNexus's ITS-110 exam

Question #: 26
Topic #: 1

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

AGramm-Leach-Bliley Act (GLBA)

BPayment Card Industry Data Security Standard (PCI-DSS)

CFederal Information Security Management Act (FISMA)

DSarbanes-Oxley (SOX)

EHealth Insurance Portability and Accountability Act (HIPAA)

FFamily Educational Rights and Privacy Act (FERPA)

GFederal Energy Regulatory Commission (FERC)

Show Suggested Answer

Suggested Answer: B

by Samira at Feb 10, 2024, 02:16 PM

Limited Time Offer

25%

Off

Get Premium ITS-110 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Roxane

6 days ago

Don't forget, the vendor also needs to be PCI-DSS compliant since they're handling financial transactions. Can't let the hackers get to that credit card data!

upvoted 0 times

...

Crista

7 days ago

Haha, I bet the vendor didn't expect their customers to become such compliance experts! Better brush up on those regulations, guys.

upvoted 0 times

...

Jerry

14 days ago

I agree, HIPAA is the key regulation. The vendor needs to ensure they are compliant with handling sensitive health information.

upvoted 0 times

...

Sharika

21 days ago

The answer is clearly E) HIPAA, since the vendor is collecting health-related data. A and B may also apply, but HIPAA is the most relevant regulation here.

upvoted 0 times

...