HIPAA Competency Test 2018

1. Forms of Sensitive Information exist in forms of:

Printed Information

Spoken

Electronic

All of the above

All three forms are ways of communication that information can travel between people.

Explanation

All three forms are ways of communication that information can travel between people.

2. Patients have the rights to inspect and/or receive an electronic copy of their healthcare records.

True

False

It is part of the patient's rights that they can view and have access to their records.

Explanation

It is part of the patient's rights that they can view and have access to their records.

3. True or False: An employee may only access or disclose a patient's PHI when this access is part of the employee's job duties.

True

False

Except in very limited circumstances, if an employee access or discloses PHI without a patient's written consent or without a job related reason, the employee violates the privacy policy and HIPAA.

Explanation

Except in very limited circumstances, if an employee access or discloses PHI without a patient's written consent or without a job related reason, the employee violates the privacy policy and HIPAA.

4. Which are areas that employees need to be cautious when discussing patient information.

The nurse's station

The break room

Hallways

Restaurants

All of them are open areas in which your conversation can be overheard and can disclose sensitive information .

Explanation

All of them are open areas in which your conversation can be overheard and can disclose sensitive information .

Submit

5. A ___________ is lost, stolen, or improperly disposed of or hacked information.

A breach refers to the loss, theft, improper disposal, or hacking of information. This can occur when sensitive data is accessed, disclosed, or used without authorization. A breach can result in the compromise of personal or confidential information, leading to potential harm or misuse of the data.

Explanation

A breach refers to the loss, theft, improper disposal, or hacking of information. This can occur when sensitive data is accessed, disclosed, or used without authorization. A breach can result in the compromise of personal or confidential information, leading to potential harm or misuse of the data.

Submit

6. Which one of these statements are false based on the HIPAA Security Rule

HIPAA Security Rule concentrates on safeguarding PHI by focusing on the confidentiality, integrity and availability of PHI.

Integrity means that data or information has not been altered or destroyed in an unauthorized manner.

Availability means that data or information is not accessible and not useable upon demand only by an authorized person.

Confidentiality means that data or information is not made available or disclosed to unauthorized persons or processes.

Availability means that data or information is accessible and is useable upon demand only by an authorized person.

Explanation

Availability means that data or information is accessible and is useable upon demand only by an authorized person.

7. Match the following

Covered Entities

Identifiers under HIPAA

Civil penalties

Malware

`Business Associates

Submit

8. Data should be disposed the following ways:

Regular trash

It should be destroyed. It should be kept indefinitely.

Shredded or placed in locked drawer

Magnetic media should be wiped or physically destroyed.

These are appropriate ways to dispose of data.

Explanation

These are appropriate ways to dispose of data.

Submit

9. Which one of these is not supposed to be notified when there is breach of information?

The individuals whose information was breached

The Texas State Attorney General

The Department of Health and Human Services

Employees in the company

Even though notifying the employees it is important so they are aware that is occured, it is not mandatory when having to notify about breaches.

Explanation

Even though notifying the employees it is important so they are aware that is occured, it is not mandatory when having to notify about breaches.

10. Fill in the Blank: Individuals who violate the Practice's Policy will be subject to: _________ _________ __________.

Individuals who violate the Practice's Policy will be subject to appropriate disciplinary action. This means that if someone goes against the policies set by the Practice, they will face consequences that are suitable and fitting for their actions. The disciplinary action could vary depending on the severity of the violation, but it will be the appropriate measure taken to address and correct the misconduct.

Explanation

Individuals who violate the Practice's Policy will be subject to appropriate disciplinary action. This means that if someone goes against the policies set by the Practice, they will face consequences that are suitable and fitting for their actions. The disciplinary action could vary depending on the severity of the violation, but it will be the appropriate measure taken to address and correct the misconduct.

Submit