HIPAA quiz
What are some forms of data security safeguards?
- Administrative
- Physical
- Technical
In general, a written HIPAA privacy notice contains:
- An explanation that pt info may be transmitted to 3rd parties for use in treatment decisions, payment, or other healthcare processes.
- An explanation of the pt's rights to see his or her own medical and billing records and make changes to anything that seems inaccurate.
- Notification of the pt's right to learn who has read the record.
In an open computer network HIPAA requires the use of __________. In a closed system HIPAA allows __________ as controls.
- Data encryption
- Sign on codes and passwords
Technical safeguards are used to protect info through:
- Encryption
- Authentication programs
What are some permitted disclosures that do not require pt permission in reporting?
- Vital statistics
- Communicable diseases
- Adverse rx to drugs or medical devices to the FDA
As the first incremental step in healthcare reform, Congress passed the HIPAA act in:
1996
The privacy and data security portions of the Health Insurance Portability and Accountability Act (HIPAA) were passed in:
1996
One exception to confidentiality is:
A GSW
The Administrative Safeguards are largely handled by a facility's __________.
Administrators and privacy officer
In a hospital the obligation to maintain confidentiality applies to:
All medical and personal info
What is one good rule to prevent unauthorized access to computer data?
Blank the screen or turn off the computer when you leave it.
HIPAA regulations override any state laws which demand stricter privacy. (T/F)
False
The Dept of Health and Human Services considers the HIPAA security standards to be maximum standards. (T/F)
False
The term "ICD-10-CM" refers to the 10th Independent Categorization of the disease factors. (T/F)
False
In a convo, enough info to ID a pt may be revealed, even if the pt names are not used. (T/F)
True
The coming of computers in medicine has created new dangers for breach of confidentiality. (T/F)
True
The goal of your org's info security program is to protect the confidentiality, integrity, and availability of each pt's health info. (T/F)
True
The issue of "healthcare portability" focused on protecting healthcare coverage for employees who change jobs and allowing them to carry existing plans with them. (T/F)
True
The most common privacy violations were impermissible disclosures to unauthorized persons, often in casual conversations. (T/F)
True
The privacy rule states that protected health information can be data that is written, spoken, or in electronic format. (T/F)
True
At the extreme, anyone caught selling private health care info can be fined up to:
a. $250,000 and 10 y in prison
b. $25,000 and 1 y in prison
c. $50,000 and 5 y in prison
d. $100,000 and 10 y in prison
a. $250,000 and 10 y in prison
General info about a pt can be shared _________.
a. When it is directly related to treatment
b. Only when it is not related to treatment
c. Only when the pt authorizes it specifically
d. Only with other medical personnel
a. When it is directly related to treatment
Title I promotes renewability of coverage by prohibiting employee health plans from denying coverage to new employees based on all but which of the following?
a. Health status
b. Medical inaccuracies
c. Genetic information
d. Disability
b. Medical inaccuracies
The __________ is responsible to see that all healthcare workers are familiar with HIPAA and its privacy rule and familiar with all the policies and procedures used to guard health info at the facility.
a. HIPAA policymaker
b. Privacy officer
c. Compliance liaison
d. None of the above
b. Privacy officer
One of the requirements of the Security Rule is to:
a. Limit the amount of visitors who can see a pt
b. Protect against all reasonably anticipated threats or hazards to the security of electronic protected health info
c. Convert all paper files to electronic docs
b. Protect against all reasonably anticipated threats or hazards to the security of electronic protected health info
The standardization of all codes has begun to make the electronic transfer of healthcare data:
a. More resistant to privacy violations
b. Smoother and more accurate
c. More problematic
d. 100% accurate
b. Smoother and more accurate
The __________ is a unique 10-digit alphanumeric.
a. Employee ID number
b. ICD-10-CM
c. National Provider Identifier
d. ICDM-10-XB
c. National Provider Identifier
Title I of HIPAA covers:
a. Access
b. Portability
c. Renewability
d. All of the above
d. All of the above
Which of the following types of conversations about a pt constitute a violation of pt privacy?
a. Convos in public areas
b. Telephone convos
c. Convos at home with friends and family
d. All of the above
d. All of the above
The security rule deals specifically with protecting __________ data.
a. Personal
b. Medical
c. Billing
d. Electronic
d. Electronic