Portia Grant is an employee who is paid monthly. For the month of January of the current year, she earned a total of $8,260. The FICA tax for social security is 6.2% of the first $118,500 earned each calendar year and the FICA tax rate for Medicare is 1.45% of all earnings. The FUTA tax rate of 0.6% and the SUTA tax rate of 5.4% are applied to the first $7,000 of an employee’s pay. The amount of federal income tax withheld from her earnings was $1,325.17. What is the total amount of taxes withheld from the Portia’s earnings? (Round your intermediate calculations to two decimal places.) A- $3,097.17 B- $2,443.21 C- $1,957.06 D- $1,722.00 E- $1,495.36 Solution The Answer is “C- $1,957.06” Total amount of taxes withheld from the Portia’s earnings = $1957.06 Total amount of taxes withheld = Federal Income Tax + FICA tax for social security + FICA tax rate for Medicare = $1,325.17 + [ $8,260 x 6.20%] + [$8,260 x 0.60%] = $1,325.17 + 512.12 + 119.77 = $1,957.06.

1. Privacy and Security: What types of health care data are protected under HIPPA? What
technologies are NOT covered under HIPPA and therefore do not meet the criteria for CE
(covered entity)? What steps can/should organizations take to improve cyber security of health
care data?
Solution
a). Individuals, organizations, and agencies that meet the definition of a covered entity under
HIPAA must comply with the Rules' requirements to protect the privacy and security of health
information and must provide individuals with certain rights with respect to their health
information. If an entity does not meet the definition of a covered entity or business associate, it
does not have to comply with the HIPAA Rules.
Health care provider:-
This includes providers such as:
Doctors
Clinics
Psychologists
Dentists
Chiropractors
Nursing Homes
Pharmacies
...but only if they transmit any information in an electronic form in connection with a transaction
for which HHS has adopted a standard.
health plans:-
This includes:
Health insurance companies
HMOs
Company health plans
(Government programs that pay for health care, such as Medicare, Medicaid, and the military
and veterans health care programs) .
A health care clearing house:-
This includes entities that process nonstandard health information they receive from another
entity into a standard (i.e., standard electronic format or data content), or vice versa.
b). Non – HIPPA covered entities
Non-covered entities can often do whatever they want with someone's data as long as those

2. potential actions are included in the terms and conditions -- which are rarely ever read by users--
including sharing and selling data. Remember, a lot of companies and people aren’t required to
comply with HIPAA, and there are many times when health information may be available to
these people and companies. HIPAA only applies to covered entities and their business
associates. list of who are not covered under HIPPA:-
. Life and long-term insurance companies
. Workers' compensation insurers, administrative agencies, or employers (unless they are
otherwise considered covered entities)
. Agencies that deliver Social Security and welfare benefits
. Automobile insurance plans that include health benefits
. Search engines and websites that provide health or medical information and are not operated by
a covered entity
. Marketers
. Gyms and fitness clubs
. Direct to consumer (DTC) genetic testing companies
. Many mobile applications (apps) used for health and fitness purposes
. those who conduct screenings at pharmacies, shopping malls, health fairs, or other public places
for blood pressure, cholesterol, spinal alignment, and other conditions
. Certain alternative medicine practitioners
. Most schools and school districts
. Researchers who obtain health data directly from health care providers
. Most law enforcement agencies
. Many state agencies, like child protective services
. Courts, where health information is material to a case
c). Cyber security in health care organisations:-
health care organizations are on the high end of the spectrum when it comes to cyber-attacks.
They are not as frequently targeted as the financial services sector, which has spent the last 20
years focusing on cyber security and protection.
1. Must make a commitment to creating and following a comprehensive cyber security program.
2. Organizations must have defined security procedures that address how staff access and interact
with the technology in their facilities.
3. The effectiveness of an organization’s processes directly correlates with how consistent staff
are in following those processes. To that end, organizations should provide comprehensive
training on cyber security measures and the risks involved if staff members are not diligent about
these efforts.
4. An organization may think it is doing all it can to preserve the privacy and security of its

3. technology, but issues may be missed or overlooked.
5. The organization should ensure the software provider is committed to the highest levels of
security. For example, the company should engage in regular audits of its solution as well as
penetration testing to uncover and resolve potential weaknesses.