HIPAA True/False

According to the Security Rule, it is never permissible to use the internet to transmit PHI

False

In the event of a conflict between HIPAA and state law, state law preempts HIPAA unless HIPAA is stricter

False

Physical safeguards include Facility Access Controls, Guidelines on Workstation Use and Security, Medical Controls and Security Locks

False

There are 3 separate regulations referred to as the Privacy Rule, Security Rule and Information Rule.

False

As a general rule, a covered entity may not use or disclose protected health info for purposes other than treatment, payment and healthcare operations without the patients written authorization

True

Except in certain circumstances individuals have the right to review and obtain a copy of their protected heath info

True

HIPAA regulations cover a broad scope and impact virtually every department of every entity that has access to personal health info

True

One primary purpose of HIPAA is to protect people from losing their health insurance if they change jobs or have pre-existing health conditions

True

The HIPAA Privacy and Security Rules dictate that all who may come into contact with protected health inf go through training on HIPAA policy

True

The Security Rule portion of HIPAA also requires that administrative, physical and technical safeguards are in place to prevent the improper use or disclosure of PHI

True