M.A: Legal Responsiblities
When did HIPAA become law? 1985 2003 1996 1970
1996
When are medical facilities required to notify patients of the privacy policy? At each visit At the first visit After one year Never
At the first visit
What is using discretion when handling protected health information? Confidentiality Privacy Ethics Disclosure
Confidentiality
What is the definition of Confidentiality?
Confidentiality is using discretion when handling protected health information
According to the Security Rule in HIPAA, which of the following is an example of a physical safeguard? Medical records should be password-protected. Employees should have security awareness training. Computer server rooms should be locked. All of the above
Computer server rooms should be locked.
What is Disclosure?
Disclosure is the release, transfer, or provision of access to protected health information.
Which of the following is an example of information that is obtained incidentally? Dr. Pierce discusses a patient's health condition on a cell phone in a restaurant. A waitress hears the conversation. Dr. Kemper discusses a health condition with a patient behind closed doors. A nurse outside the door hears the conversation. Dr. Morales discusses a health condition with a patient and her spouse. The spouse tells other family members. All of the above
Dr. Kemper discusses a health condition with a patient behind closed doors. A nurse outside the door hears the conversation.
According to HIPAA, a health insurance company can deny coverage to a person with pre-existing health conditions. True False
False
When health data is needed for research, the entire medical record is disclosed to the researchers. True False
False
What does HIPAA stand for? Heath Information Privacy and Accessibility Act Health Initiative to Protect Anonymity Act Health Insurance Portability and Accountability Act Health Issues for Patients in America Act
Health Insurance Portability and Accountability Act
What are the 3 safe guards needed when using an electronic record?
Physical, technical and administrative safeguards
What is the The Privacy Rule?
established nationwide standards that are used to protect private patient information.
According to the Privacy Rule, which item must be included in a record of disclosures of protected health information? Date of disclosure Name of the person or entity to whom information was disclosed Description of disclosure Reason for disclosure All of the above
All of the above
According to the Privacy Rule, which of the following is true about authorization? It must be signed and dated. It must be written in plain language. It must have an expiration date. It must state the right to refuse authorization. All of the above
All of the above
According to the Security Rule in HIPAA, which of the following is an example of a technical safeguard? Passwords should be updated frequently. Computers should have anti-virus software. Electronically transmitted information should be encrypted. All of the above
All of the above
Which of the following is a legal or public interest issue in which health information can be disclosed without authorization? A patient has been diagnosed with tuberculosis. A coroner needs dental records to identify an accident victim. A doctor observes signs of abuse on a female patient's body. A patient's medical record is needed as evidence in a trial. All of the above
All of the above
What is the term used to describe any individually identifiable health information about a patient? Private Medical Records (PMR) Protected Health Information (PHI) Personal Patient Data (PPD) Confidential Personal Information (CPI)
Protected Health Information (PHI)
What is Protected health information (PHI)?
Protected health information (PHI) is any individually identifiable health information about a patient.
Patients have a right to obtain a copy of their medical records. Which item is legally allowed to be kept from the patient? Health history Psychotherapy notes Surgeries Medication record
Psychotherapy notes
What is the name of the form that patients must sign to give permission to the medical facility to disclose health information? Release of Information form Amendment Request form Confidential Communications Form Disclosure form Notice of Privacy Policy form
Release of Information form
In the Privacy Rule, what is authorization? The written permission that patients give to disclose protected health information The approval that physicians must give to refer patients to a specialist The contract that patients make with insurance companies The verbal agreement between the patient and the medical facility All of the above
The written permission that patients give to disclose protected health information
In HIPAA, what is the name of the rule that required nationally standardized medical transactions and codes? Simplified Administration Rule for Health Transactions National Standards for Coding and Transacting Rule Health Standardization Rule Transaction and Code Set Rule
Transaction and Code Set Rule
According to the Privacy Rule in HIPAA, patients must provide written authorization before health information is released to anyone else. True False
True
According to the Privacy Rule, patients may request that medical facilities call them at a work phone number instead of a home phone number. True False
True
Patients may request amendments to their medical records. True False
True