Privacy and Security

¡Supera tus tareas y exámenes ahora con Quizwiz!

Exempt Health Information (5)

- A child is being abused - A baby is born to a patient - A patient dies - Court-ordered health information - A patient tests positive for HIV

Proper Maintenance (7)

- Records are complete - Writing is legible - Objective info by health care worker - Subjective info by patient - Line drawn through error - Records kept 7 years - Old records shredded

Protective Activities (6)

- Requiring codes to access info - Backing up data - Collecting printout from printer - Collecting original from copier - Shredding unneeded faxes - Not speaking about info in message

When did HIPAA become law? - 1985 - 1996 - 1970 - 2003

1996

Question #11 When are the medical facilities required to notify patients of the privacy policy? - At each visit - At the first visit - After one year - Never

After the first visit

There are no additional costs to electronic medical records. - True - False

False

Which of the following is NOT a way to protect information when using a fax machine?

Walk away while a fax is sent.

Michael Schmidt and his family had access to health insurance even after he lost his job.

Insurance Portability

Information that is shared between a physician and patient is privileged communication. - True - False

True

Unneeded printouts, copies, and faxes of confidential information should be thrown in trash cans. - True - False

False

When health data is needed for research, the entire medical record is disclosed to the researchers. - True - False

False

What does HIPAA stand for? - Health Insurance Portability and Accountability Act - Health Initiative to Protect Anonymity Act - Heath Information Privacy and Accessibility Act - Health Issues for Patients in America Act

Health Insurance Portability and Accountability Act

Whom do medical records belong to? - Health care providers - Patients - Employers - All of the above

Health care providers

58. Dr. Josef is recording his dictating notes in the emergency room and you hear him mention that the patient in the next room is a victim of domestic violence. Which of the following describes your knowledge of the situation according to HIPAA?

Incidental disclosure

Advantages in electronic medical records (5)

Instant access Remote access Simultaneous access Legible Flexible layout

52. Tina has a primary care physician, and is meeting with an orthopedic specialist today. How can the specialist obtain Tina's medical information from her primary care physician?

Tina will have to give authorization for her primary care office to release the records to the specialist.

Protected Health Information (4)

- A patient says she feels depressed - A patient's medical records - A patient's health care bill - A patient's health insurance info

Risky Activities (6)

- Saying Patients name around others - Placing monitor where others can see - Printing to wrong printer - Leaving copier unattended - Not verifying receiving fax number - Sending into in e-mail

Disadvantages in electronic records (5)

- Training - Computer downtime - Hardware and software costs - Difficult date entry - Resistance to giving up paper records

Improper Maintenance (5)

- Writing is illegible - Error Erased - Subjective info by health care worker - Records are incomplete - Old records thrown in trash can

After Jane Xavier filed an electronic insurance claim, it was processed within 5 days. She was pleased because just a few years ago, the claims process took about 30 days.

Administrative Simplification

According to the Privacy Rule, which item must be included in a record of disclosures of protected health information? - Date of disclosure - Name of the person or entity to whom information was disclosed - Description of disclosure - Reason for disclosure - All of the above

All of the above

According to the Privacy Rule, which of the following is true about authorization? - It must be signed and dated. - It must be written in plain language. - It must have an expiration date. - It must state the right to refuse authorization. - All of the above

All of the above

According to the Security Rule in HIPAA, which of the following is an example of a technical safeguard? - Passwords should be updated frequently. - Computers should have anti-virus software. - Electronically transmitted information should be encrypted. - All of the above

All of the above

What protective measures should be taken to ensure that electronic medical records are confidential and secure? - Using passwords, fingerprints, voice recognition, and eye patterns - Placing monitors where others cannot see the screen - Not sending confidential information via e-mail - Backing up data - All of the above

All of the above

Which of the following is a legal or public interest issue in which health information can be disclosed without authorization? - A patient has been diagnosed with tuberculosis. - A coroner needs dental records to identify an accident victim. - A doctor observes signs of abuse on a female patient's body. - A patient's medical record is needed as evidence in a trial. - All of the above

All of the above

Which of the following is a type of abuse that should be reported to the proper authorities?

All of the above

Who is affected by a breach of confidential patient information? - The patient - The person responsible for the breach - The facility - All of the above

All of the above

The permission that patients give in writing in order to disclose protected health information

Authorization

According to the Security Rule in HIPAA, which of the following is an example of a physical safeguard? - Medical records should be password-protected. - Employees should have security awareness training. - Computer server rooms should be locked. - All of the above

Computer server rooms should be locked

Using discretion when handling protected health information

Confidentiality

What is using discretion when handling protected health information? - Privacy - Ethics - Disclosure - Confidentiality

Confidentiality

The release, transfer, or provision of access to protected health information

Disclosure

Which of the following terms means releasing, transferring, or providing access to protected health information?

Disclosure

Which of the following is an example of information that is obtained incidentally? - Dr. Pierce discusses a patient's health condition on a cell phone in a restaurant. A waitress hears the conversation. - Dr. Kemper discusses a health condition with a patient behind closed doors. A nurse outside the door hears the conversation. - Dr. Morales discusses a health condition with a patient and her spouse. - The spouse tells other family members. - All of the above

Dr. Kemper discusses a health condition with a patient behind closed doors.

How should a documentation error be corrected?

Draw a line through the error, add the correct information, initial, and date.

Which of the following is TRUE of electronic medical records?

Electronic medical records are better organized.

What type of abuse includes excessive demands, insults, humiliation, jealousy, control, isolation, stalking, threats, lack of affection, and lack of support? - Emotional abuse - Physical abuse - Sexual abuse - All of the above

Emotional abuse

14. Which of the following is a purpose of HIPAA?

Ensure that a patient's medical information is private

According to HIPAA, a health insurance company can deny coverage to a person with pre-existing health conditions. - True - False

False

Breaches of confidential patient information never have serious consequences. - True - False

False

Errors in medical records should be erased or covered with correction fluid. - True - False

False

54. Kelsey is a health care worker who must call Mr. Grimm with the results of his blood tests. When Kelsey calls, no one picks up the phone and the answering machine plays. What should Kelsey do?

Leave a message with the name of the facility where she is calling, and a phone number where she can be reached.

A patient has requested a copy of his medical record in writing. As the office assistant, what should you do?

Make copies of everything but psychotherapy notes within 30 days.

With whom can patient information be shared without the patient's permission? - Patient's attorney - Patient's family members - Patient's other health care providers at a practice - All of the above

Patient's other health care providers at a practice

The patients' right to control the use of their protected health information

Privacy

Lydia Wilson signed a Release of Information form that gave her family doctor permission to share her medical records with her obstetrician.

Privacy of Health Information

49. Which of the following is information that is shared within a protected relationship?

Privileged communication

Any individually identifiable health information about a patient

Protected Health Information

What is the term used to describe any individually identifiable health information about a patient? - Personal Patient Data (PPD) - Confidential Personal Information (CPI) - Private Medical Records (PMR) - Protected Health Information (PHI)

Protected Health Information (PHI)

Patients have a right to obtain a copy of their medical records. Which item is legally allowed to be kept from the patient? - Health history - Medication record - Psychotherapy notes - Surgeries

Psychotherapy notes

Rhonda, a medical assistant, believes a patient is giving false information. How should Rhonda document the information?

Put the patient's exact words in quotation marks.

What is the name of the form that patients must sign to give permission to the medical facility to disclose health information? - Disclosure form - Confidential Communications Form - Release of Information form - Notice of Privacy Policy form - Amendment Request form

Release of Information form

Which of the following should be done when copying confidential information?

Remain by the copier and make sure to collect the original item.

55. Jana does not want to receive calls from her health care provider at her home number. What should Jana do?

Request that calls be made to another phone number, such as a cell phone or work phone.

Fairview Hospital installed a fingerprint-activated security system to the medical records department.

Security of Electronic Records

51. Which of the following is NOT a way to safeguard electronic medical records?

Send all confidential information by e-mail.

50. Vivian is a nurse at a children's hospital. A 10-year-old boy confides in Vivian that he has been abused by his parents, but he begs her not to tell anyone. What should Vivian do?

She should report the abuse to the proper authorities.

What is the best way to dispose of confidential information in a health care facility?

Shred it.

What may be included in medical records? - Subjective statements made by patients - Subjective observations made by health care workers - All of the above

Subjective statements made by patients

In the Privacy Rule, what is authorization? - The written permission that patients give to disclose protected health information - The approval that physicians must give to refer patients to a specialist - The contract that patients make with insurance companies - The verbal agreement between the patient and the medical facility - All of the above

The written permission that patients give to disclose protected health information

56. If an employer pays for a job-related physical examination, which of the following is TRUE?

The employer has rights to the medical records.

53. Mrs. Marshall calls her husband's health insurance provider to clarify a service coverage issue. Which of the following is TRUE?

The insurance provider will not speak with Mrs. Marshall unless her husband has given the company permission to do so.

In HIPAA, what is the name of the rule that required nationally standardized medical transactions and codes? - Health Standardization Rule - National Standards for Coding and Transacting Rule - Simplified Administration Rule for Health Transactions - Transaction and Code Set Rule

Transaction and Code Set Rule

According to the Privacy Rule in HIPAA, patients must provide written authorization before health information is released to anyone else. - True - False

True

According to the Privacy Rule, patients may request that medical facilities call them at a work phone number instead of a home phone number. - True - False

True

Patients may request amendments to their medical records. - True - False

True

When leaving telephone messages, health care workers should not speak about any confidential information. - True - False

True

With electronic medical records, users are able to remotely access to up-to-date information. - True - False

True


Conjuntos de estudio relacionados

First Four Provinces - Canada West, Canada East, New Brunswick, Nova Scotia

View Set