2016 - HIPAA Compliance

31 Questions | Total Attempts: 71

SettingsSettingsSettings
Please wait...
2016 - HIPAA Compliance

Annual HIPAA compliance validation


Questions and Answers
  • 1. 
    What kind of personally identifiable health information is protected by HIPAA privacy rule?
    • A. 

      Paper

    • B. 

      Electronic

    • C. 

      The spoken word

    • D. 

      All of the above

    • E. 

      None of the above

  • 2. 
    HIPAA security and privacy regulations apply to:
    • A. 

      Attending physicians, nurses, and other healthcare professionals.

    • B. 

      Health information managers, information systems staff, and other ancillary personnel only.

    • C. 

      Anyone working in the facility.

    • D. 

      Only staff that have direct patient contact.

  • 3. 
     It would be appropriate to release patient information to:
    • A. 

      The patient's (non-attending) physician brother.

    • B. 

      Personnel from the hospital that the patient transferred from 2 days ago, who is calling to check on the patient.

    • C. 

      The respiratory therapy personnel doing an ordered procedure.

    • D. 

      A retired physician who is a friend of the family.

  • 4. 
     If a person has the ability to access facility of company systems or applications, they have a right to view any information contained in that system or application.
    • A. 

      True

    • B. 

      False

  • 5. 
     Copies of patient information may be disposed of in any garbage can in the facility.
    • A. 

      True

    • B. 

      False

  • 6. 
     The criminal penalties for improperly disclosing patient health information can be as high as fines of $250,000 and prison sentences of up to 10 years.
    • A. 

      True

    • B. 

      False

  • 7. 
     Protected health information is anything that connects a patient to his or her health information.
    • A. 

      True

    • B. 

      False

  • 8. 
    Confidentiality protections cover not just a patient’s health-related information, such as his or her diagnosis, but also other identifying information such as social security number and telephone numbers.
    • A. 

      True

    • B. 

      False

  • 9. 
     You are working elsewhere in the hospital when you hear that a neighbor has just arrived in the ER for treatment after a car crash.  You should
    • A. 

      Contact the neighbor's spouse to alert him or her about the accident.

    • B. 

      Do nothing and pretend you don't know about it.

    • C. 

      Tell the charge nurse in the ER that you know how to reach the patient's spouse and offer the information if it's needed.

  • 10. 
    Which of the following are some common features designed to protect confidentiality of health information contained in patient medical records?
    • A. 

      Locks on medical records rooms

    • B. 

      Passwords to access computerized records

    • C. 

      Rules that prohibit employees from looking at records unless they have a need to know

    • D. 

      All of the above

  • 11. 
    Confidential information must not be shared with another unless the recipient has:
    • A. 

      An OK from a doctor

    • B. 

      The need to know

    • C. 

      Permission from appropriate authority in the facility

    • D. 

      All of the above

  • 12. 
    What is the standard for accessing patient information?
    • A. 

      A need to know for the performance of your job.

    • B. 

      If a physician asks you the diagnosis of a patient.

    • C. 

      Just because you are curious.

    • D. 

      You are a relative of the patient.

  • 13. 
    Can you access your own medical record via the computer system?
    • A. 

      True

    • B. 

      False

  • 14. 
     Patients have a right to access their health information.
    • A. 

      True

    • B. 

      False

  • 15. 
    Confidentiality and privacy are important concepts in healthcare because:
    • A. 

      They help protect healthcare facilities from lawsuits.

    • B. 

      They allow patients to feel comfortable sharing information with their doctors.

    • C. 

      They avoid the confusion of having people other than a physician distributing information about a patient.

    • D. 

      Both A & B.

  • 16. 
    You are approached by an individual who tells you that he is here to work on the computers and wants you to open a door for him or point the way to a workstation.  How do you respond to this request?
    • A. 

      Provide him with the information or access he needs.

    • B. 

      Ask him who at the facility has hired him and refer him to that person for assistance.

    • C. 

      Call the police.

  • 17. 
    When is the patient’s written authorization to release information required?
    • A. 

      In most cases, when patient information is going to be shared with anyone for reasons other than treatment, payment or healthcare operations.

    • B. 

      Upon admission to a facility.

    • C. 

      When patient information is to be shared among two or more clinicians.

    • D. 

      When patient information is used for billing to a private insurer.

  • 18. 
     If you suspect someone is violating the facility’s privacy policy, you should:
    • A. 

      Say nothing. It's none of your business.

    • B. 

      Watch the individual until you have gathered solid evidence against them.

    • C. 

      Report your suspicions to the clinical supervisor for further follow-up.

  • 19. 
     What does "HIPAA" stand for?
    • A. 

      Health Insurance Portability and Accountability Act

    • B. 

      Healthcare Industry Privacy and Accountability Act

    • C. 

      Health Insurance Privacy and Administration Act

    • D. 

      None of the above

  • 20. 
     What is PHI (Protected Health Information)?
    • A. 

      Covered transactions (eligibility, enrollment, health care claims, payment, etc,) performed electronically

    • B. 

      Information about past or present mental or physical condition of a patient.

    • C. 

      Information that can be used to identify a patient.

    • D. 

      All of the above.

  • 21. 
    It is acceptable to wait to report a breach of PHI until you return from vacation if you discover the breach at the end of your shift.
    • A. 

      True

    • B. 

      False

  • 22. 
    Can PHI be transmitted over e-mail?
    • A. 

      E-PHI can only be sent over e-mail for referral to a specialist

    • B. 

      E-PHI can be sent over e-mail only by the rendering provider

    • C. 

      E-PHI can be sent over e-mail as long as it is adequately protected

    • D. 

      E-PHI should never be sent over e-mail

  • 23. 
    What is a Business Associate under HIPAA?
    • A. 

      A lab facility

    • B. 

      A pharmacy

    • C. 

      A electronic health record hosting company

    • D. 

      All of the above

  • 24. 
    Which is a Covered Entity Under HIPAA?
    • A. 

      Government programs that pay for healthcare

    • B. 

      Home Healthcare agency

    • C. 

      Insurance companies

    • D. 

      None of the above

    • E. 

      All of the above

  • 25. 
    It is the responsibility of the employer to offer adequate HIPAA education and training to their employees.
    • A. 

      True

    • B. 

      False

Back to Top Back to top