HIPAA Quiz
Which of the following are requirements under the HIPAA privacy regulations?
All of the above
Which of the following is a procedure that protects the confidentiality of patient information?
All of the above
True or False: A health care provider may give information regarding a patient's drug dosage to the patient's health aide who calls the provider with questions about the particular prescription.
True
True or False: Each healthcare agency and provider are required to give patients a clear written explanation of how a provider or plan will use, keep, and disclose information.
True
When can PHI be released to a non-health care agency, such as a life insurer or bank?
Upon patient's signature of a specific authorization form
Does HIPAA require that a health care provider document a patient's decision to allow the provider to share his or her health information with a family member, friend, or other person involved in the patient's care or payment for care?
Yes
Fill in the blank: If there is a PHI breach, patients must be notified in writing within __ days of the date that anyone in the organization became aware of the incident.
60 Days
Healthcare agencies must have policies that provide guidelines for
A and B
In situations where there is a breach of PHI, what is required by HIPAA?
All of the above
A hospital or physician practice is required to protect the privacy of health information in what form?
Any form - verbal, paper, and/or electronic
Contrary to policy, an employee looks in the electronic medical record of a celebrity to determine the reason for the celebrity's recent hospitalization. While dining in the cafeteria, the employee's manager overhears the employee telling a co-worker about the celebrity. The BEST next step for the manager is to
Explain to the employee that sharing the celebrity's hospitalization information with others is an inappropriate disclosure of PHI and report the incident to the Privacy Official and Human Resources for further follow-up.
True or False: If the patient is not present or is incapacitated, a health care provider may not share the patient's health information with family, friends, or others involved in the patient's care or payment for care.
False
If you receive a request from a trusted co-worker to share more PHI/PII than necessary to answer a question, what is your best response?
Indicate that only the minimum necessary information can be shared and work to provide only the information necessary to answer the question.
If you suspect a fellow employee of violating privacy policies, you should
Report your suspicions to your supervisor
True or False: "Minimum necessary" means, when PHI is used, disclosed, or requested, reasonable efforts must be taken to determine how much information will be sufficient to serve the intended purpose.
True
True or False: A doctor may give information about a patient's mobility limitations to the patient's sister who is driving the patient home from the hospital.
True
True or False: A health care provider may discuss a patient's health information over the phone with the patient's family, friends, or others involved in the patient's care or payment for care without proof of who the person is?
True
True or False: It is the duty of every healthcare provider and agency to protect the confidentiality and privacy of patient healthcare information. select
True
If the patient is present and has the capacity to make health care decisions, when does HIPAA allow a health care provider to discuss the patient's health information with the patient's family, friends, or others involved in the patient's care or payment for care?
When the patient agrees or does not object
Patients have a right to:
all of the above
