HIPAA Training
In the event of a conflict between HIPAA and state law, state law preempts HIPAA unless HIPAA is stricter
FALSE, "The general standard is that if a state law is more protective of the patient, then it takes precedence over HIPAA". If a state law is less stringent than HIPAA, then HIPAA takes over.
Physical safeguards include Facility Access Controls, Guidelines on Workstation Use and Security, Medical Controls and Security Locks
FALSE, The Facility Access Controls standard has 4 implementation specifications that are addressable: 1. Contingency Operations (Addressable) 2. Facility Security Plan (Addressable) 3. Access Control and Validation Procedures (Addressable) 4. Maintenance Records (Addressable)
According to the Security Rule, it is never permissible to use the internet to transmit PHI
FALSE, The Security Rule does not expressly prohibit the use of email for sending e-PHI. However, the standards for access control, integrity, and transmission security require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e-PHI.
There are 3 separate regulations referred to as the Privacy Rule, Security Rule and Information Rule.
False, The three key properties that underpin privacy and security under the Health Insurance Portability and Accountability Act (HIPAA) are availability, confidentiality, and integrity. Availability is the property that data or information is accessible and useable upon demand by an authorized person. Confidentiality is the property that data or information is not made available or disclosed to unauthorized persons or processes. Integrity is the property that data or information have not been altered or destroyed in an unauthorized manner.
As a general rule, a covered entity may not use or disclose protected health info for purposes other than treatment, payment and healthcare operations without the patient's written authorization
True
Except in certain circumstances, individuals have the right to review and obtain a copy of their protected health info
True
HIPAA regulations cover a broad scope and impact virtually every department of every entity that has access to personal health info
True
One primary purpose of HIPAA is to protect people from losing their health insurance if they change jobs or have pre-existing health conditions
True
The HIPAA Privacy and Security Rules dictate that all who may come into contact with protected health info go through training on HIPAA policy
True
The Security Rule portion of HIPAA also requires that administrative, physical and technical safeguards are in place to prevent the improper use or disclosure of PHI
True