Trivia Quiz Questions: Can You Pass This HIPAA Exam?

The zip code of the patient

The patient's date of birth

The patient's Medicare ID number

All of the above

The right to access the patient’s own patient care report by contacting your service’s privacy officer

The right to review the patient care report before you submit it to the hospital

None of the above

Both A and B

Make a personal copy for the EMT’s own files

Share the report with another staff member at the organization who has a legitimate need to see the information for the purpose of billing the transport.

Share the report with another coworker who was not on the trip and who is curious about the patient.

Crumple the paper copies of the electronic patient care report you may have printed and toss them into the trash can once the EMT is through with it .

While sitting around at the office, a paramedic decides to access the file of a call he was on a year ago because he is now curious after reading about the patient’s arrest for burglary in the newspaper .

An EMT gets back to the station after responding to a motor vehicle accident and states to another EMT who was not on the call, “Man, was that guy messed up from the accident.”

On the way to the hospital, the EMT in the patient compartment relays the condition of the patient via radio to the physician at the emergency department.

As he is unloading the patient at the hospital, EMT Smith shouts, “Outta my way everyone, we have the City Mayor on this stretcher!”

True

False

A billing professional dials a phone number she has for the patient and leaves a message on the answering machine regarding a bill and recounts all of the details about the patient transport.

An EMT calls dispatch to request directions to the location of a facility where the crew is performing a routine, non-emergent transport and the EMT also asks dispatch to radio the name, date of birth, and social security number of the patient so that he has it for his records.

Before conducting a quality improvement case review meeting, an ambulance service redacts all identifying information from patient care reports that is unnecessary for the review, including patient names, dates of birth, home addresses, etc.

When arriving at the hospital, a paramedic relays the condition of a patient to the ED staff and also proceeds to tell them that “Mr. Smith would be on his last leg if it wasn’t for all of his inherited wealth to pay for his treatment.”

Every 12 months

Any time a new crewmember treats the patient

Whenever the patient asks for a copy of a PCR

If your agency has revised its NPP since the last time the patient received it

True

False

The patient’s legal guardian

The patient’s power of attorney

The parent of a minor patient

All of the above

Treats over 5,000 patients a year

Deals with electronic health records

Meets the definition of a “covered entity” under HIPAA

Has over 50 employees

True

False

True

False

It would be a HIPAA violation to load more than one patient into an ambulance at a time because each patient could overhear protected health information (PHI) about the other patient.

It is ok to call into a receiving facility to relay a medical report to the ED staff on your incoming patient.

HIPAA permits the use of radio communications to relay PHI even if the public can monitor the frequencies

Communication centers may freely relay PHI to responding agencies over the airwaves for treatment purposes

Subpoena

Summons

Search Warrant

All of the above

Asking the patient’s permission to give PHI to the officer

Informing the police officer that he may speak with the victim so long as it would not impede care.

Telling the patient that a police officer needs medical information about him and that the patient has no choice but to answer all of the officer’s questions about his medical condition.

Asking the patient whether she wants to speak with the police officer.

Contact the HIPAA Compliance Officer at your organization to get clarification on the matter.

Err on side of disclosing the information that the officer needs because he is a law enforcement agent

Release only demographic information about the patient

Release only general information about the patient’s condition

True

False

You only post pictures of the patients involved, with no names or other patient identifying information with the images, as long as their faces are not recognizable.

You only post generic information about the accident and extent of the victims’ injuries

You ensure that your profile is set to private so only your friends can see the information that you have posted

None of the above is acceptable

True

False

Only if you have a business associate agreement in place with the other provider and they show you the agreement.

Only if the other provider is a contracted business partner of your organization.

If sharing the information is necessary for the treatment of the patient.

None of the above

Verbally

Over the radio

By handing the receiving facility a patient care report

All of the above

Generally these facilities have a contractual arrangement with the ambulance services that perform transports for them.

HIPAA allows PHI to be freely shared between healthcare providers who are treating the patient

EMS providers are required by HIPAA to gather as much PHI about a patient as they can.

If the patient wants to look at his record from the facility at some point in the future, the ambulance service is obligated under HIPAA to provide it to the patient .

True

False

Physical safeguards to protect things like computer file servers and other physical file locations.

Technical safeguards such as password security, automatic logoff features and other security measures.

Administrative safeguards such as policies and procedures about protecting electronic PHI that should be followed by all workforce members at the organization

All of the above.