Privacy, confidentiality, and electronic security are important concepts to Rush because:

They allow patients to feel comfortable sharing information with their caregivers.

They allow Rush to demonstrate our commitment to guarding the privacy and security of patient information.

They allow us to continue to provide excellent patient care.

Which of the following examples is NOT a common work practice that protects the confidentiality of patient information?

Limiting the number of visitors who can see a patient.

Keeping records locked when not in use.

Limiting the number of visitors who can see a patient.

Limiting the number of people who can look at patient records.

Keeping computer systems logged out of patient information systems when not in use.

Which of the following is not a patient’s right under HIPAA?

Right to receive a user ID and password for all electronic applications in which their information is stored.

Right to access their information.

Right to restrict their information.

Right to amend their information.

Violations of the privacy, confidentiality, and electronic security of patient information can be reported by:

Calling the Rush Privacy Hotline toll free at 877-RUSH-009.

Calling or stopping by the Rush Privacy Office at 707 S. Wood St. (the Annex building), Suite 317, 312-942-4416.

All employees are obligated to do which of the following?

Complete annual HIPAA Privacy and Security Training.

Comply with all Rush HIPAA Privacy and Security policies.

Report all violations of privacy, confidentiality, and electronic security of patient information.

What questions should you ask yourself before looking at a patient’s protected health information?

What is the least amount of information I need to do my job?

Do I have my own approved and valid user ID and password that would allow me to access this information?

Do I need to know this information in order to do my job?

Snow City Arts HIPAA Test 2015

1.

Privacy, confidentiality, and electronic security are important concepts to Rush because:
- A.
  
  They allow patients to feel comfortable sharing information with their caregivers.
- B.
  
  They allow Rush to demonstrate our commitment to guarding the privacy and security of patient information.
- C.
  
  They allow us to continue to provide excellent patient care.
- D.
  
  All of the listed responses.
Correct Answer
D. All of the listed responses.

Explanation
Privacy, confidentiality, and electronic security are important concepts to Rush because they allow patients to feel comfortable sharing information with their caregivers. This is crucial for building trust and ensuring open communication between patients and healthcare providers. Additionally, these concepts demonstrate Rush's commitment to protecting the privacy and security of patient information, which is essential in maintaining patient confidentiality and complying with legal and ethical standards. By prioritizing privacy, confidentiality, and electronic security, Rush can continue to provide excellent patient care while respecting patients' rights and maintaining their trust.

Rate this question:
2.

Which of the following examples is NOT a common work practice that protects the confidentiality of patient information?
- A.
  
  Keeping records locked when not in use.
- B.
  
  Limiting the number of visitors who can see a patient.
- C.
  
  Limiting the number of people who can look at patient records.
- D.
  
  Keeping computer systems logged out of patient information systems when not in use.
Correct Answer
B. Limiting the number of visitors who can see a patient.

Explanation
Limiting the number of visitors who can see a patient is not a common work practice that protects the confidentiality of patient information. While the other options mentioned, such as keeping records locked when not in use, limiting access to patient records, and logging out of patient information systems, all focus on restricting access to patient information, limiting the number of visitors does not directly address the protection of patient confidentiality.

Rate this question:
3.

All patient requests for restrictions or amendments must be forwarded immediately to the Rush Privacy Office.
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
The statement indicates that all patient requests for restrictions or amendments should be immediately sent to the Rush Privacy Office. This suggests that the organization has a policy in place to handle such requests and prioritize patient privacy. Therefore, the answer "True" implies that the organization follows this practice.

Rate this question:
4.

The HIPAA Privacy and Security regulations give patients federal rights concerning their protected health information.
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
The HIPAA Privacy and Security regulations are designed to protect patients' rights regarding their protected health information. These regulations ensure that patients have control over their personal health information and have the right to access, request corrections, and limit the disclosure of their information. By implementing these regulations, patients are given federal rights to maintain the privacy and security of their health information. Therefore, the statement that the HIPAA Privacy and Security regulations give patients federal rights concerning their protected health information is true.

Rate this question:
5.

Which of the following is not a patient’s right under HIPAA?
- A.
  
  Right to receive a user ID and password for all electronic applications in which their information is stored.
- B.
  
  Right to access their information.
- C.
  
  Right to restrict their information.
- D.
  
  Right to amend their information.
Correct Answer
A. Right to receive a user ID and password for all electronic applications in which their information is stored.

Explanation
The right to receive a user ID and password for all electronic applications in which their information is stored is not a patient's right under HIPAA. HIPAA grants patients the right to access their information, the right to restrict their information, and the right to amend their information. However, it does not specifically guarantee the right to receive a user ID and password for electronic applications.

Rate this question:
6.

Only employees who need to access patient records have a role in protecting patient privacy and confidentiality.
- A.
  
  True
- B.
  
  False
Correct Answer
B. False

Explanation
This statement is false because protecting patient privacy and confidentiality is not solely the responsibility of employees who need to access patient records. All employees, regardless of their role, have a role in protecting patient privacy and confidentiality. This includes following privacy policies and procedures, keeping patient information secure, and maintaining confidentiality in all aspects of their work. It is a collective responsibility to ensure patient privacy and confidentiality is maintained.

Rate this question:
7.

Violations of the privacy, confidentiality, and electronic security of patient information can be reported by:
- A.
  
  Calling the Rush Privacy Hotline toll free at 877-RUSH-009.
- B.
  
  Calling or stopping by the Rush Privacy Office at 707 S. Wood St. (the Annex building), Suite 317, 312-942-4416.
- C.
  
  Talking to your supervisor.
- D.
  
  All of the listed responses.
Correct Answer
D. All of the listed responses.

Explanation
All of the listed responses provide ways to report violations of privacy, confidentiality, and electronic security of patient information. Calling the Rush Privacy Hotline, contacting the Rush Privacy Office, and talking to one's supervisor are all valid and effective methods for reporting such violations. Therefore, the correct answer is that all of the listed responses are appropriate.

Rate this question:
8.

All employees are obligated to do which of the following?
- A.
  
  Complete annual HIPAA Privacy and Security Training.
- B.
  
  Comply with all Rush HIPAA Privacy and Security policies.
- C.
  
  Report all violations of privacy, confidentiality, and electronic security of patient information.
- D.
  
  All of the listed responses.
Correct Answer
D. All of the listed responses.

Explanation
The correct answer is "All of the listed responses." This means that all employees are required to complete annual HIPAA Privacy and Security Training, comply with all Rush HIPAA Privacy and Security policies, and report any violations of privacy, confidentiality, and electronic security of patient information.

Rate this question:
9.

It is OK to share your user ID and passwords with a colleague if you are out of the office and won’t be using them.
- A.
  
  True
- B.
  
  False
Correct Answer
B. False

Explanation
Sharing user IDs and passwords with colleagues is not recommended, even if you are out of the office and won't be using them. This practice violates security protocols and increases the risk of unauthorized access to sensitive information. It is important to maintain confidentiality and protect personal and company data by not sharing login credentials with anyone.

Rate this question:
10.

What questions should you ask yourself before looking at a patient’s protected health information?
- A.
  
  What is the least amount of information I need to do my job?
- B.
  
  Do I have my own approved and valid user ID and password that would allow me to access this information?
- C.
  
  Do I need to know this information in order to do my job?
- D.
  
  All of the listed answers.
Correct Answer
D. All of the listed answers.

Explanation
Before looking at a patient's protected health information, it is important to ask yourself the following questions: What is the least amount of information I need to do my job? Do I have my own approved and valid user ID and password that would allow me to access this information? Do I need to know this information in order to do my job? By asking these questions, you ensure that you are accessing the information only when necessary and that you have the proper authorization to do so. Therefore, the correct answer is all of the listed answers.

Rate this question:
11.

Rush must maintain and enforce HIPAA privacy and security policies and train all Medical Center employees on HIPAA privacy and security issues annually.
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
The statement is true because Rush, as a Medical Center, is required to adhere to HIPAA privacy and security policies. This includes maintaining and enforcing these policies to ensure the protection of patient information. Additionally, all employees must be trained annually on HIPAA privacy and security issues to ensure they are aware of the necessary protocols and procedures to maintain compliance.

Rate this question:

Snow City Arts HIPAA Test 2015

Privacy, confidentiality, and electronic security are important concepts to Rush because:

Which of the following examples is NOT a common work practice that protects the confidentiality of patient information?

All patient requests for restrictions or amendments must be forwarded immediately to the Rush Privacy Office.

The HIPAA Privacy and Security regulations give patients federal rights concerning their protected health information.

Which of the following is not a patient’s right under HIPAA?

Only employees who need to access patient records have a role in protecting patient privacy and confidentiality.

Violations of the privacy, confidentiality, and electronic security of patient information can be reported by:

All employees are obligated to do which of the following?

It is OK to share your user ID and passwords with a colleague if you are out of the office and won’t be using them.

What questions should you ask yourself before looking at a patient’s protected health information?

Rush must maintain and enforce HIPAA privacy and security policies and train all Medical Center employees on HIPAA privacy and security issues annually.