Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CertNexus ITS-110 Exam - Topic 7 Question 61 Discussion

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)
B) Payment Card Industry Data Security Standard (PCI-DSS) and E) Health Insurance Portability and Accountability Act (HIPAA) and F) Family Educational Rights and Privacy Act (FERPA)
A) Gramm-Leach-Bliley Act (GLBA)
C) Federal Information Security Management Act (FISMA)
D) Sarbanes-Oxley (SOX)
G) Federal Energy Regulatory Commission (FERC)

CertNexus ITS-110 Exam - Topic 7 Question 61 Discussion

Actual exam question for CertNexus's ITS-110 exam
Question #: 61
Topic #: 7
[All ITS-110 Questions]

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

Show Suggested Answer Hide Answer
Suggested Answer: B, E, F

by Serina at Aug 18, 2025, 09:44 AM

Limited Time Offer

25%

Off

Get Premium ITS-110 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tien
5 months ago
Wait, are we really talking about SOX in this context? That’s wild!
upvoted 0 times
...
Terrilyn
6 months ago
Agreed, GLBA might not apply to this situation.
upvoted 0 times
...
Sharika
6 months ago
I think PCI-DSS is also a must for payment info.
upvoted 0 times
...
Theron
6 months ago
Not sure about FISMA being relevant here...
upvoted 0 times
...
Dominga
6 months ago
Definitely HIPAA for health data!
upvoted 0 times
...
Mari
7 months ago
I think HIPAA is definitely one, and maybe FISMA as well, but I need to double-check how they relate to SaaS vendors.
upvoted 0 times
...
Mozell
7 months ago
I feel like GLBA could be relevant too, but I can't recall exactly how it connects to health data.
upvoted 0 times
...
Malcolm
7 months ago
I remember practicing a question about PCI-DSS, but I’m not sure if it applies here since this is more about health insights than payment processing.
upvoted 0 times
...
Joseph
7 months ago
I think HIPAA might be one of the regulations since it deals with health data, but I'm not sure about the others.
upvoted 0 times
...
Pauline
7 months ago
I feel pretty confident about this. The company is dealing with personal data and financial information, so GLBA and PCI-DSS are obvious choices. HIPAA also seems relevant since it covers health-related data. I'll select those three.
upvoted 0 times
...
Merilyn
8 months ago
This is a tricky one. There are a lot of different regulations to consider, and I'm not sure which ones specifically apply to this scenario. I'll have to review my notes and try to narrow it down.
upvoted 0 times
...
Shizue
8 months ago
Okay, I think I've got it. The company is handling personal information and financial transactions, so GLBA and PCI-DSS are definitely relevant. HIPAA might also apply since it covers health data.
upvoted 0 times
...
Janessa
8 months ago
Hmm, I'm a bit unsure about this one. I know HIPAA deals with healthcare data, but I'm not sure if it applies to a fitness tracker. I'll have to think this through carefully.
upvoted 0 times
...
Carline
8 months ago
This seems like a straightforward compliance question. I'll start by identifying the regulations that deal with personal data and financial transactions.
upvoted 0 times
...
Tyisha
8 months ago
I'm not sure about GLBA, but PCI-DSS and HIPAA are definitely relevant since the company is dealing with sensitive health information and payment data.
upvoted 0 times
...
Janine
8 months ago
I think the company should be compliant with HIPAA, FISMA, and PCI-DSS.
upvoted 0 times
...
Susy
9 months ago
I think the answer is B, E, and HIPAA. The company is handling personal fitness data, so HIPAA would definitely apply.
upvoted 0 times
...

Save Cancel