Self-Test on HIPAA Material
At the extreme, anyone caught selling private health care information can be fined up to:
$250,000 and 10 years in prison
Title I of HIPAA covers:
* Access
* Portability
* Renewability
As the first incremental step in healthcare reform, Congress passed the HIPAA act in:
1996
Which of the following are types of data security safeguards?
* Administrative
* Physical
* Technical
The Administrative Safeguards are largely handled by a facility's ________.
Administrators and privacy officer
In a hospital, the obligation to maintain confidentiality applies to _____.
All medical and personal information
In general, a written HIPAA privacy notice contains:
* An explanation that patient information may be transmitted to third parties for routine use in treatment decisions, payment, or other healthcare processes
* An explanation of the patient's right to see his or her own medical and billing records and make changes to anything that seems inaccurate
* Notification of the patient's right to learn who has read the records
The Security Rule applies to which of the following forms of electronic health information:
B. any health status information
D. any information about the provision of health care
E. any information about payment for health care that can be linked to a specific person
G. the patient's name, birth date and social security number
From the list provided here, identify the five rules of administrative simplification contained in Title II of HIPAA:
C. Privacy Rule
D. Transactions and Code Sets Rule
F. Security Rule
H. Unique Identifiers Rule
I. Enforcement Rule
The coming of computers in medicine has ______.
Created new dangers for breach of confidentiality
In an open computer network such as the internet, HIPAA requires the use of _____. In a closed system such as a local area network, HIPAA allows _____ as controls.
Data encryption; Sign-on codes and passwords
HIPAA regulations override any state laws which demand stricter privacy.
False
The term "ICD-10-CM" refers to 10th Independent Categorization of disease factors.
False
The Department of Health and Human Services considers the HIPAA security standards to be a maximum standard.
False
Title I promotes renewability of coverage by prohibiting employee health plans from denying coverage to new employees based on all but which of the following?
Medical inaccuracies
The _______ is a unique ten-digit alphanumeric.
National Provider Identifier (NPI)
One of the requirements of the Security Rule is to:
Protect against all reasonably anticipated threats or hazards to the security of electronic protected health information
The Privacy Rule states that protected health information can be data that is written, spoken, or in electronic form.
True
In a conversation, enough information to identify patients may be revealed, even if patient names are not used.
True
The issue of "healthcare portability" focused on protecting healthcare coverage for employees who change jobs and allowing them to carry their existing plans with them.
True
Among the permitted disclosures that do not require patient permission are reporting:
* Vital statistics
* Communicable diseases
* Adverse reactions to drugs or medical devices to the FDA
In general, information about a patient can be shared _________.
When it is directly related to treatment
One good rule to prevent unauthorized access to computer data is to:
blank the screen or turn off the computer when you leave it.
Of the following types of conversations about patients, the one(s) that constitute(s) a violation of patient privacy is:
* conversations in public areas
* telephone conversations
* conversations at home with friends and family
The Security Rule deals specifically with protecting ___________ data.
electronic
Technical safeguards are used to protect information through the use of:
encryption and authentication programs
One exception to confidentiality is ____.
gunshot wound
The privacy and data security portions of the Health Insurance Portability and Accountability Act (HIPAA) were passed ______.
in 1996
The _________ is responsible for seeing that all healthcare workers are familiar with HIPAA and its Privacy Rule, and familiar with all the policies and procedures used to guard protected health information in the facility.
privacy officer
The standardization of all codes has begun to make the electronic transfer of healthcare data:
smoother and more accurate
The goal of your organization's information security program is to protect the confidentiality, integrity, and availability of each patient's health information.
true
The most common privacy violations were impermissible disclosures to unauthorized persons, often in casual conversation.
true