Castlebranch: HIPPA

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

A set of members of a health plan have authorized the health plan to use specific parts of their PHI in a marketing campaign. Which of the following is true about this activity by the health plan?

The health plan must only use the minimum necessary information

Which of the following requires authorization from the patient for disclosure of PHI? Select all that apply.

A husband asks for his wife's diagnosis at a physician's office

Which of the following would NOT be considered marketing communication?

A medical practice introduces a new physician to patients

Individuals do not have the right to request amendments to their medical records.

False

Which of the following are considered HIPAA privacy administrative requirements?

All of the above

Which of the following are general security rules under HIPAA?

All of the above

Which of the following must appear on a covered entity's NPP?

All of the above

Which of the following would be considered protected health information?

All of the above

Psychotherapy notes are treated exactly the same as other health care information.

False

A business associate does not need to do risk analysis and management.

False

A covered entity creates a process that ensures that data it receives and transmits is correct and in the same state it was before the transaction. What kind of technical safeguard is this considered to be?

Integrity control

A hospital reports specific cases of an outbreak of a communicable disease to a public health authority. This is permissible because

It is in the public interest

A hospital receives a request to provide a patient's medical record to a correctional facility. The patient then requests an accounting of disclosures. Does the hospital need to include the disclosure to the correctional facility? Why or why not?

No; this use or disclosure is permitted and does not need to be included

Which of the following is considered part of a designated record set? (select all that apply)

Patient's diagnosis Patient's treatment plan Patient's billing record

Which of the following is NOT a permitted use of protected health information under HIPAA?

Patient's medical diagnosis given to an outside caller

What type of safeguard limits access to locations where PHI is kept and maintained?

Physical safeguard

What is the first step a covered entity is expected to take, according to HIPAA standards, if one of its business entities has violated a standard or a breach has occurred?

Take reasonable steps to resolve it

Covered entities are required to provide PHI and medical information when it is requested by the individual.

True

Implementing appropriate security measures should be part of a covered entity's risk analysis.

True

The same covered entities that must comply with HIPAA privacy standards are also required to comply with HIPAA security standards.

True


Ensembles d'études connexes

Maternal-Child Final (1-9, 33-39, 41-45, 55)

View Set

M13 Chapter 9: Four-Wheel Alignment, Part 1 Primary Angles

View Set

Management of Information Security Notes Chapter 10- Planning for Contingencies

View Set

Which bone articulates with which bone(s)?

View Set

Art History II- Impressionism and Post Impressionism movements

View Set