HIPAA Training

Ace your homework & exams now with Quizwiz!

The administrative requirements of HIPAA include all of the following EXCEPT:

Using a firewall to protect against hackers.

What is the key to HIPAA compliance?

Education

Match the categories of the HIPAA Security standards with their examples: 1. Administrative: 2. Physical: 3. Technical safeguard:

1. Administrative: policies, procedures and internal audits. 2. Physical: doors locked, screen saves/lock, fire prof of records locked. 3. Technical safeguard: passwords, security logs, firewalls, data encryption.

Match the following two types of entities that must comply under HIPAA: 1. Covered Entities: 2. Business Associates:

1. Covered Entities: Healthcare Providers, Health Plans, Healthcare Cleringhouses. 2. Business Associates: Third parties that perform services for or exchange data with Covered.

Match the following components of the HIPAA transaction standards with description: 1. HIPAA Standardized Transactions: 2. Code Sets: 3. Unique Identifiers:

1. HIPAA Standardized Transactions: Standard transactions to streamline major health insurance processes. 2. Code Sets: Standard for describing diseases. 3. Unique Identifiers: Standard for identification of all providers, payers, employers and...

Match the two HIPPA standards 1. Privacy Standards: 2. Security Standards:

1. Privacy Standards: Standards for controlling and safeguarding PHI in all forms. 2. Security Standards: Standards for safeguarding of PHI specifically in electronic form

Under HIPPA, an individual has the right to request: a. Access to their PHI. b. A copy of their PHI. c. A correction to their PHI. d. An accounting of where their PHI has been disclosed. E. All of the Above.

All of the Above

The Security Rule allows covered entities and business associates to take into account: a. Their size, complexity, and capabilities. b. Their technical infrastructure, hardware, and software security capabilities. c. The costs of security of potential risks to ePHI. d. Their access to and use of ePHI. e. All of the above

All of the above

ARRA stands for which of the following?

American Recovery and Responsibility Act

All of the following are true about Business Associate Contracts EXCEPT?

Business Associate are NOT required to obtain "satisfactory assurances" (i.e., that their PHI will be protected as required by HIPAA law) form their subcontractors.

Penalties for non-compliance can be which of the following types?

Civil and Criminal

Which of the following is NOT a requirement of the HIPAA Privacy standards?

Contracts with covered entities and subcontractors

Which of the following are EXEMPT from the HIPAA Security Rule?

Covered entities or business associates that do not create, receive, maintain or transmit ePHI

Who enforces HIPAA?

Department of Health and Human Services

Which of the following is NOT a covered entity?

Employer

Which one of the following is Not a Covered entity?

Employer

HITECH stands for which of the following?

Health Information Technology for Economic and Clinical Health

What does HIPAA stand for?

Health Insurance Portability and Accountability Act.

All of the following can be considered ePHI EXCEPT:

Paper claims records

The use of which of the following unique identifiers is controversial?

Patient ID (SSN)

What does PHI stand for?

Protected Health Information

All of the following are true regarding the Omnibus Rule EXCEPT:

The Omnibus Rule nullifies the previous HITECH regulations and introduces many new provisions into the HIPAA regulations

A Business Associate Contract must specify the following?

The permissible uses and disclosures that may be made of PHI by business associate

What is the main purpose for standardized transactions and code sets under HIPAA?

To provide a common standard for the transfer of healthcare information

All of the below are benefit of Electronic Transaction Standards Except:

Transaction rebates back to submitters

As part of insurance reform individuals can?

Transfer jobs and not be denied health insurance because of pre-exiting conditions

A Business Associate Contract is required between a covered entity and business associate if Protected Health Information (PHI) will be shared between the two.

True

In which of the following situations is a Business Associate Contract NOT required: a. With persons or organizations whose functions or services do note involve the use or disclosure. b. With a person or organizations that acts merely as a conduit for protected health information. c. With a financial institution that processes payments. d. All of the above

all of the above

Which of the follow is true regarding a Business Associate Contract? a. Is required between a covered entity and business associate if Protected Health Information (PHI) will be shared between the two. b. Is written assurance that a Business Associate will appropriately safeguard PHI that they use or have disclosed to them from a covered entity. c. Defines the obligations of a Business Associate. d. All of the above.

all of the above

The Administrative Simplification section of HIPAA consists of standards for the following areas: a. Transactions, Code sets, Unique identifiers. b. Privacy. c. security. d. All of the above

d. All of the above

Which one of the following is a Business Associate? a. Medical billing and collections company. b. Medical transcriptions company. c. IT Consultant d. all of the above

d. all of the above

The five titles under HIPPA fall logically into which two major categories:

Administrative Simplification and Insurance reform

The Security Rule's requirements are organized into which of the following three categories:

Administrative, Security, and Technical safeguards

All of the following are parts of the HITECH and Omnibus updates EXCEPT?

Ability to sell PHI without an individual's approval

The HIPAA Security Rule was specifically designed to: a. Protect the integrity, confidentiality, and availability of health information. b. Protect against unauthorized uses or disclosures. c. Protect against of the workforce and business associates comply with such safeguards d. All of the above.

All of the above.

Who must comply with the Security Rule?

Any person or organization that stores or transmits individually identifiable health information electronically

When should you promote HIPAA awareness?

At the very beginning the compliance process

All of the following are true regarding the HITECH and Omnibus updates EXCEPT

It guarantees portabil

Minimum Necessary Disclosure means using the minimum amount of PHI necessary to accomplish the intended purpose of the use or disclosure.

True

The HIPAA Security Rule is a technology neutral, federally mandated "floor" of protection whose primary objective is to protect the confidentiality, integrity and availability of individually identifiable health information in electronic form when it is stored, maintained, or transmitted

True

The HIPPA Privacy standards provide a federal floor for healthcare privacy and security standards and do NOT override more strict laws which potentially requires providers to support two systems and follow the more stringent laws. True or False

True

All of the following are implications of non-compliance with HIPAA EXCEPT:

public exposure that could lead to loss of market share

The Privacy and Security rules specified by HIPAA are reasonable and scalable to account for the nature of each organization's culture, size, and resources. Each organization will determine its own privacy policies and security practices within the context of the HIPPA requirements and its own capabilities needs.

true


Related study sets

World History - Unit 9: Practice Test

View Set

4.5 Mitochondria and Chloroplasts: Cellular Generators

View Set

Return on Investment | Formula, Calculation & Analysis - Chapter 11

View Set

American Red Cross Basic Life Support

View Set

Policy Riders, Provisions, Options and Exclusions

View Set

Ch 5s- Decision Theory LearnSmart

View Set

Week 2, Day 6 - 질문 (question)

View Set

NADN 165 OB - Exam 2, Chapters 9-16

View Set

cog exam 2 + 1 (review 1-4 and 4-9)

View Set

PRECISION NUTRITION Introduction What is good nutrition?

View Set