HIPPA assessment

Please select the answer that is NOT true. If you need to see patient information to perform your job, then access to the required information is allowed. You are authorized to access only the records of a patient under your direct care. "Just looking" is a serious breach of patient privacy and confidentiality. If a patient has drawn intense media scrutiny, the Minimum Necessary Standard does not apply. If you do not need to know the information to perform your job, accessing confidential patient information can be subject to corrective action.

If a patient has drawn intense media scrutiny, the Minimum Necessary Standard does not apply.

A breach of a person's health privacy can have significant implications for them, such as: Job loss Alienation of family and friends Public humiliation All of the answers are correct

All of the answers are correct

Breaches of unsecured PHI are put through a risk assessment test to determine if they must be reported, the assessment considers: The nature and extent of the PHI involved Who the PHI was disclosed to and whether they viewed it Mitigation efforts All of the answers are correct

All of the answers are correct

Which of the following are potential consequences of failing to adhere to HIPAA regulations: Termination of employment Being barred from practicing healthcare for a lifetime Exclusion from employment with any Medicare provider Civil and criminal penalties, including incarceration, and lawsuits for breach of confidentiality All of the answers are correct

All of the answers are correct

Which of the following are ways that PHI may be inadvertently disclosed? Conversations in public areas or on the telephone Papers left on the copier or fax machine Trash that is not properly shredded or disposed All of the answers are correct

All of the answers are correct

Which of the following statements best describes the purpose of HIPAA Notice of Privacy Practices? Informing the patient about the history of HIPAA requirements and regulations. Explaining the doctor's rights in gathering a patient's personal medical information. Notifying the patient how the facility may use or disclose their Protected Health Information (PHI). Monitoring the activities of patients on a daily basis.

Notifying the patient how the facility may use or disclose their Protected Health Information (PHI).

You are working on a health information document that doesn't include your patient's name but does include your patient's home address and birth date, is this considered PHI? Yes, as their address and birth date could be used to identify them. No, since it does not include their name it is not PHI.

Yes, as their address and birth date could be used to identify them.

HIPAA rules allow you to work on a patient's records after your shift by printing the records or saving them to a flash drive and bringing them home with you. True False

false

Which of the following is not subject to documentation requirements under HIPAA? Audit trails of logged security incidents Passwords of all associates Evaluation reports Results of any corrective actions taken to remedy problems

passwords of all associates

Which of the following entities has the ability to approve who may use or disclose PHI according to HIPAA regulations? Healthcare facility Patients Healthcare industry Doctors

patients

Accidental disclosure of PHI will not happen through: the copy machine the fax machine information written on a note pad properly shredded trash

properly shredded trash

Any authorization previously given by a patient can be cancelled or revoked if the patient submits a written request. True False

true

As a healthcare professional it is your responsibility to make sure that you respect the patients' right to confidentiality and privacy. True False

true

Each patient has the right to request a copy of their Protected Health Information. True False

true

Everyone should have their own login ID and password. True False

true

HIPAA Regulations are in place to benefit the patients, healthcare facility, and healthcare industry. True False

true

Logging in with your password allows the facility to track what information you are accessing. True False

true

Protected Health Information is any information that is linked to any personal identifying information. True False

true

Removing patient records from the facility in any form (photocopying, emailing, texting, flash drives, screen capturing, etc.) is a serious breach of HIPAA safeguards and a federal offense subject to criminal prosecution. True False

true

Your log-in attempts are monitored by your facility. True False

true