HIPPA Classroom

The HITECH Act:

All of the above.

The Security Rule set up national standards for the protection of an individual's health information that is:

All of the above.

Written authorization is required for:

All of the above.

Entities that transport PHI, but do not access, use, or disclose the information are business associates.

False

Only the Emergency Department must provide a notice of its privacy practices.

False

Which of the following is not a protected identifier?

Favorite color.

A covered entity must obtain the individual's written authorization to use or disclose:

PHI for public interest and benefit activities.

PHI is an acronym for:

Protected Health Information

De-identified information is PHI stripped of identifiers in a manner that results in information that is no longer protected by the Privacy Rule.

True

Hospitals are "covered entities" and therefore must comply with the Privacy Rule.

True

Individual authorization must be received before the sale of PHI.

True

Individual authorization must be received before using PHI for marketing.

True

The HITECH Act was signed into law to promote the adoption and meaningful use of health information technology.

True

The Office for Civil Rights is responsible for administering and enforcing the HIPAA rules.

True

The use or disclosure of genetic information for underwriting purposes is prohibited.

True