2016 - HIPAA Compliance
Annual HIPAA compliance validation
- 1.What kind of personally identifiable health information is protected by HIPAA privacy rule?
- A.
Paper
- B.
Electronic
- C.
The spoken word
- D.
All of the above
- E.
None of the above
- 2.HIPAA security and privacy regulations apply to:
- A.
Attending physicians, nurses, and other healthcare professionals.
- B.
Health information managers, information systems staff, and other ancillary personnel only.
- C.
Anyone working in the facility.
- D.
Only staff that have direct patient contact.
- 3.It would be appropriate to release patient information to:
- A.
The patient's (non-attending) physician brother.
- B.
Personnel from the hospital that the patient transferred from 2 days ago, who is calling to check on the patient.
- C.
The respiratory therapy personnel doing an ordered procedure.
- D.
A retired physician who is a friend of the family.
- 4.If a person has the ability to access facility of company systems or applications, they have a right to view any information contained in that system or application.
- A.
True
- B.
False
- 5.Copies of patient information may be disposed of in any garbage can in the facility.
- A.
True
- B.
False
- 6.The criminal penalties for improperly disclosing patient health information can be as high as fines of $250,000 and prison sentences of up to 10 years.
- A.
True
- B.
False
- 7.Protected health information is anything that connects a patient to his or her health information.
- A.
True
- B.
False
- 8.Confidentiality protections cover not just a patient’s health-related information, such as his or her diagnosis, but also other identifying information such as social security number and telephone numbers.
- A.
True
- B.
False
- 9.You are working elsewhere in the hospital when you hear that a neighbor has just arrived in the ER for treatment after a car crash. You should
- A.
Contact the neighbor's spouse to alert him or her about the accident.
- B.
Do nothing and pretend you don't know about it.
- C.
Tell the charge nurse in the ER that you know how to reach the patient's spouse and offer the information if it's needed.
- 10.Which of the following are some common features designed to protect confidentiality of health information contained in patient medical records?
- A.
Locks on medical records rooms
- B.
Passwords to access computerized records
- C.
Rules that prohibit employees from looking at records unless they have a need to know
- D.
All of the above
- 11.Confidential information must not be shared with another unless the recipient has:
- A.
An OK from a doctor
- B.
The need to know
- C.
Permission from appropriate authority in the facility
- D.
All of the above
- 12.What is the standard for accessing patient information?
- A.
A need to know for the performance of your job.
- B.
If a physician asks you the diagnosis of a patient.
- C.
Just because you are curious.
- D.
You are a relative of the patient.
- 13.Can you access your own medical record via the computer system?
- A.
True
- B.
False
- 14.Patients have a right to access their health information.
- A.
True
- B.
False
- 15.Confidentiality and privacy are important concepts in healthcare because:
- A.
They help protect healthcare facilities from lawsuits.
- B.
They allow patients to feel comfortable sharing information with their doctors.
- C.
They avoid the confusion of having people other than a physician distributing information about a patient.
- D.
Both A & B.
- 16.You are approached by an individual who tells you that he is here to work on the computers and wants you to open a door for him or point the way to a workstation. How do you respond to this request?
- A.
Provide him with the information or access he needs.
- B.
Ask him who at the facility has hired him and refer him to that person for assistance.
- C.
Call the police.
- 17.When is the patient’s written authorization to release information required?
- A.
In most cases, when patient information is going to be shared with anyone for reasons other than treatment, payment or healthcare operations.
- B.
Upon admission to a facility.
- C.
When patient information is to be shared among two or more clinicians.
- D.
When patient information is used for billing to a private insurer.
- 18.If you suspect someone is violating the facility’s privacy policy, you should:
- A.
Say nothing. It's none of your business.
- B.
Watch the individual until you have gathered solid evidence against them.
- C.
Report your suspicions to the clinical supervisor for further follow-up.
- 19.What does "HIPAA" stand for?
- A.
Health Insurance Portability and Accountability Act
- B.
Healthcare Industry Privacy and Accountability Act
- C.
Health Insurance Privacy and Administration Act
- D.
None of the above
- 20.What is PHI (Protected Health Information)?
- A.
Covered transactions (eligibility, enrollment, health care claims, payment, etc,) performed electronically
- B.
Information about past or present mental or physical condition of a patient.
- C.
Information that can be used to identify a patient.
- D.
All of the above.
- 21.It is acceptable to wait to report a breach of PHI until you return from vacation if you discover the breach at the end of your shift.
- A.
True
- B.
False
- 22.Can PHI be transmitted over e-mail?
- A.
E-PHI can only be sent over e-mail for referral to a specialist
- B.
E-PHI can be sent over e-mail only by the rendering provider
- C.
E-PHI can be sent over e-mail as long as it is adequately protected
- D.
E-PHI should never be sent over e-mail
- 23.What is a Business Associate under HIPAA?
- A.
A lab facility
- B.
A pharmacy
- C.
A electronic health record hosting company
- D.
All of the above
- 24.Which is a Covered Entity Under HIPAA?
- A.
Government programs that pay for healthcare
- B.
Home Healthcare agency
- C.
Insurance companies
- D.
None of the above
- E.
All of the above
- 25.It is the responsibility of the employer to offer adequate HIPAA education and training to their employees.
- A.
True
- B.
False
Featured Quizzes
Back to top