HIPAA: Privacy Compliance True or False
Protected Health Information is anything that connects a patient to his or her health information.
true
You must obtain patient agreement to use/disclose PHI for public health activities related to disease prevention.
false; You can use/disclose PHI without patient agreement for public health activities related to disease control and prevention.
An authorization must contain an expiration date.
true
Authorization must be obtained for any use/disclosure of PHI for marketing purposes.
true
If you need help understanding the rules, the Department of Health and Human Services is required to give you assistance.
true
In general, disclosure of PHI must be limited to the least amount needed to get the job done right.
true
After signing an authorization, the patient can decide to revoke it.
true
The Privacy Rule gives patients the right to take action if their privacy is violated.
true
To protect patient confidentiality, learn about your facility's patient privacy rights - and encourage others to do the same.
true
The Privacy Rule gives patients the right to request a history of routine disclosures.
false; The Privacy Rule gives patients the right to request a history of disclosures of their PHI, except for disclosures related to treatment, payment or healthcare operations, or with prior authorization.
The HIPAA Privacy Rule protects a patient's fundamental right to privacy and confidentiality.
true
The Notice of Privacy Practices gives patients notice about the use/disclosure of their PHI, as well as their rights in general.
true
PHI includes all health information that is used/disclosed-except PHI in oral form.
false; PHI includes all health or patient information in any form whether oral or recorded, on paper, or sent electronically.
PHI is disclosed when it is shared, examined, applied or analyzed.
false; PHI is disclosed when released, transferred, allowed to be accessed, or divulged outside the facility.
PHI is used when it is released, transferred, or allowed to be accessed or divulged outside the covered entity.
false; PHI is used when shared, examined, applied, or analyzed by a covered entity that receives or maintains it.
Using PHI for purposes not specified by the rule requires covered entities to get patient authorization.
true
You are called a covered entity if you are a healthcare provider, health plan, or healthcare clearinghouse who transmits health information in electronic form.
true
You are permitted to use/disclose PHI for treatment, payment and healthcare operations.
true
You are required to use/disclose PHI when authorized or requested by the individual patient.
true
You can use/ disclose PHI without patient agreement to report victims of abuse, neglect or domestic violence.
true