HIPAA Competency Test 2020 Trivia Quiz

1. Patients have the right to inspect and/or receive an electronic copy of their healthcare records.

True

False

It is part of the patient's rights that they can view and have access to their records.

Explanation

It is part of the patient's rights that they can view and have access to their records.

2. Forms of Sensitive Information exist in forms of:

Printed Information

Spoken

Electronic

All of the above

All three forms are ways of communication that information can travel between people.

Explanation

All three forms are ways of communication that information can travel between people.

3. An employee may only access or disclose a patient's PHI when this access is part of the employee's job duties.

True

False

Except in very limited circumstances, if an employee access or discloses PHI without a patient's written consent or without a job-related reason, the employee violates the privacy policy and HIPAA.

Explanation

Except in very limited circumstances, if an employee access or discloses PHI without a patient's written consent or without a job-related reason, the employee violates the privacy policy and HIPAA.

4. Which one of these statements is false based on the HIPAA Security Rule?

HIPAA Security Rule concentrates on safeguarding PHI by focusing on the confidentiality, integrity and availability of PHI.

Integrity means that data or information has not been altered or destroyed in an unauthorized manner.

Availability means that data or information is not accessible and not useable upon demand only by an authorized person.

Confidentiality means that data or information is not made available or disclosed to unauthorized persons or processes.

Availability means that data or information is accessible and is useable upon demand only by an authorized person.

Explanation

Availability means that data or information is accessible and is useable upon demand only by an authorized person.

5. Which are areas that employees need to be cautious when discussing patient information?

The nurse's station

The break room

Hallways

Restaurants

All of them are open areas in which your conversation can be overheard and can disclose sensitive information.

Explanation

All of them are open areas in which your conversation can be overheard and can disclose sensitive information.

Submit

6. A ___________ is lost, stolen, or improperly disposed of or hacked information.

A breach refers to the unauthorized access or exposure of sensitive information, either through theft, loss, improper disposal, or hacking. It signifies a security incident where confidential data is compromised, potentially leading to various consequences such as identity theft, financial loss, or reputational damage.

Explanation

A breach refers to the unauthorized access or exposure of sensitive information, either through theft, loss, improper disposal, or hacking. It signifies a security incident where confidential data is compromised, potentially leading to various consequences such as identity theft, financial loss, or reputational damage.

Submit

7. Data should be disposed the following ways:

Regular trash

It should be destroyed. It should be kept indefinitely.

Shredded or placed in locked drawer

Magnetic media should be wiped or physically destroyed.

These are appropriate ways to dispose of data.

Explanation

These are appropriate ways to dispose of data.

Submit

8. Match the following

Covered Entities

Identifiers under HIPAA

Civil penalties

Malware

`Business Associates

Submit

9. Which one of these is not supposed to be notified when there is a breach of information?

The individuals whose information was breached

The Texas State Attorney General

The Department of Health and Human Services

Employees in the company

Even though notifying the employees it is important so they are aware that it is occurred, it is not mandatory when having to notify about breaches.

Explanation

Even though notifying the employees it is important so they are aware that it is occurred, it is not mandatory when having to notify about breaches.

10. Fill in the Blank: Individuals who violate the Practice's Policy will be subject to: _________ _________ __________.

Individuals who violate the Practice's Policy will be subject to appropriate disciplinary action. This means that anyone who goes against the policies set by the Practice will face disciplinary consequences that are deemed suitable for their actions. This could include warnings, suspensions, or even termination depending on the severity of the violation. The disciplinary action will be chosen based on what is considered appropriate in order to maintain the integrity and adherence to the Practice's policies.

Explanation

Individuals who violate the Practice's Policy will be subject to appropriate disciplinary action. This means that anyone who goes against the policies set by the Practice will face disciplinary consequences that are deemed suitable for their actions. This could include warnings, suspensions, or even termination depending on the severity of the violation. The disciplinary action will be chosen based on what is considered appropriate in order to maintain the integrity and adherence to the Practice's policies.

Submit