New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce AP-211 Exam - Topic 4 Question 2 Discussion

Actual exam question for Salesforce's AP-211 exam
Question #: 2
Topic #: 4
[All AP-211 Questions]

A customer that already has Service Cloud is onboarding a new business unit, which needs to use Health Cloud.

Which three organization-wide default settings should an administrator change to ensure the original business unit that leverages Service Cloud does not have visibility into protected health information (PHI)?

Choose 3 answers

Show Suggested Answer Hide Answer
Suggested Answer: A, B, E

When onboarding Health Cloud into an org that already uses Service Cloud, it's critical to properly configure Organization-Wide Defaults (OWD) to ensure that protected health information (PHI) remains restricted.

The correct settings are:

A . Set Person Accounts to Private

Patients are modeled as Person Accounts in Health Cloud.

Setting Person Accounts to Private ensures PHI isn't exposed to users outside the Health Cloud business unit.

B . Set related clinical objects to Controlled by Parent or Private

Clinical objects (e.g., Care Plans, Assessments, Referrals) often relate to patients.

Making them Controlled by Parent (Person Account) or Private ensures only authorized users can see PHI.

E . Set Health Details to Controlled by Parent or Private

Health Details contain sensitive clinical data.

Must be restricted at the OWD level to prevent exposure to non-Health Cloud users.

Why not the others?

C . Set Account and Contract to Private

Regular business Accounts/Contracts are part of Service Cloud, not typically where PHI resides. Restricting them isn't required for PHI protection.

D . Set Contact to Controlled by Parent

Contacts in Health Cloud are often caregivers or providers, not patients (who are Person Accounts).

PHI protection centers around Person Accounts + Clinical Objects + Health Details, not Contacts.

Salesforce Health Cloud Reference:

Salesforce Health Cloud Security and Sharing Guide:

''For HIPAA and other PHI compliance, set Person Accounts and Health Cloud clinical objects to Private or Controlled by Parent.''

''Ensure Health Details are not exposed via default sharing.''


by Glory at Jan 28, 2026, 09:39 PM

Limited Time Offer

25%

Off

Get Premium AP-211 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Zoila
5 days ago
I think we practiced a similar question where we had to control access to clinical objects. Setting them to Controlled by Parent sounds familiar, but I can't recall if that's the best option here.
upvoted 0 times
...
Scot
10 days ago
I remember we discussed the importance of setting Person Accounts to Private to protect sensitive data, but I'm not entirely sure if that's the only setting we need to change.
upvoted 0 times
...
Kami
15 days ago
I feel pretty confident about this. I've worked with these types of settings before, so I know what to look for.
upvoted 0 times
...
Kimberlie
20 days ago
This is a good opportunity to demonstrate my understanding of security settings. I'll make sure to choose the right combination of options.
upvoted 0 times
...
Lura
25 days ago
I'm a little confused about the difference between Controlled by Parent and Private. I'll need to review those options carefully.
upvoted 0 times
...
Lelia
1 month ago
Okay, I think I've got a strategy here. I'll need to focus on the clinical objects and make sure the Service Cloud users don't have visibility.
upvoted 0 times
...
Dannie
1 month ago
Hmm, this seems tricky. I'll need to think carefully about the different objects and how to restrict access to the PHI.
upvoted 0 times
...

Save Cancel