HIPPA Employee Testing

What is a privacy breach?

All of the above: -A team member fails to maintain confidentiality by discussing patient health information on social media -Lab results are sent to the wrong patient or recipient -A laptop or Smartphone containing electronic PHI is lost or stolen - and the device is not encrypted -A computer hacker gains access to systems that contain PHI

What is the best way to protect patient health information?

All of the above: -Do not leave computers logged on -Be aware of who is around you, and who coming into your department -Be aware of anyone who could be overhearing your conversation -Do not leave information where people can easily view them

My responsibility under HIPAA includes

All of the above: -Handling PHI as if it were my own -Disposing of scrap paper and other documents with PHI by shredding or confidential disposal -Accessing PHI, only the minimum necessary, to do my job -Discussing potential violations or any HIPAA concerns with my supervisor, manager, or the designated HIPAA Privacy/Security Official

An individual has the right

All of the above: -to obtain a copy of their PHI or be granted access to their PHI -to a list of disclosures -to request an alternative means or location for receiving communications -to request that a covered entity restrict the use or disclosure to PHI

The Security Rule set up national standards for the protection of an individual's health information that is:

All of the above: Transmitted in electronic form Received in electronic form Maintained in electronic form

Entities that transport PHI, but do not access, use, or disclose the information are business associates.

False

The Security Rule set up national standards for the use and disclosure of PHI.

False

Which of the following is NOT a protected identifier?

Favorite food

Those who violate HIPAA laws can receive a civil penalty of $100 to $50,000 per year for each standard violation.

True

HIPPA is needed for

Protection of personal health information and our rights with respect to that information and to prevent fraud and abuse

A covered entity must obtain the individual's written authorization to use or disclose:

Psychotherapy notes

Covered entities must ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit.

True

Discussing a patient's health condition with the patient's friends and family members (caregivers) should be done by a physician or nurse in a private area away from others that may hear.

True

Knowingly disclosing PHI is a criminal activity and the penalties can escalate to unknown maximums.

True

The HIPAA privacy Rule protects all PHI, electronic, verbal and written.

True

The HITECH Act was signed into law to promote the adoption and meaningful use of health information technology.

True