HIPAA And Corporate Compliance For Stroger Students And Rotators

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Stroger
S
Stroger
Community Contributor
Quizzes Created: 1 | Total Attempts: 6,619
| Attempts: 6,666
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/10 Questions

    At registration, patients are provided with a Notice of Privacy Practices that explains how their health information may be used.

    • True
    • False
Please wait...
About This Quiz

After completing an on-line module, trainees must pass this quiz with a score of 100%.

HIPAA And Corporate Compliance For Stroger Students And Rotators - Quiz

Quiz Preview

  • 2. 

    It is ok to post patient information on a blog or social media site as long as CCHHS is not mentioned.

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Posting patient information on a blog or social media site, even without mentioning CCHHS (Cook County Health and Hospitals System), is not acceptable. It is a violation of patient privacy and confidentiality. Healthcare providers are bound by laws and ethical standards to protect patient information and should never disclose it on public platforms.

    Rate this question:

  • 3. 

    Paper containing pHI can be disposed of in the regular trash

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Paper containing PHI (Protected Health Information) cannot be disposed of in the regular trash because it contains sensitive and confidential information about individuals' health. Proper disposal of PHI is crucial to ensure privacy and prevent unauthorized access. HIPAA (Health Insurance Portability and Accountability Act) regulations require healthcare organizations to implement secure methods of disposal, such as shredding or incineration, to protect patient information. Therefore, the correct answer is False.

    Rate this question:

  • 4. 

    Which of the following is an example of proper password practice?

    • Share passwords with co-workers

    • Create a password using your name and birthdate so you can easily remember it.

    • Create a password that is difficult to guess and is not based on your personal information. Use upper and lower case letters, numbers, and other characters.

    • Write your password down and place the password next to your computer

    Correct Answer
    A. Create a password that is difficult to guess and is not based on your personal information. Use upper and lower case letters, numbers, and other characters.
    Explanation
    Creating a password that is difficult to guess and not based on personal information, while using a combination of upper and lower case letters, numbers, and other characters, is an example of proper password practice. This ensures that the password is strong and less vulnerable to hacking attempts. Sharing passwords with co-workers, using personal information in the password, and writing the password down and leaving it next to the computer are all examples of improper password practices that can compromise security.

    Rate this question:

  • 5. 

    If you suspect a privacy breach or you are aware of a privacy breach, you should:

    • Tell the employee they should not be breaching a patient's privacy.

    • Not worry about it because it is only one patient's information.

    • Report your concern to your supervisor and to Corporate Compliance

    • Call the patient and tell them you think their privacy was breached

    Correct Answer
    A. Report your concern to your supervisor and to Corporate Compliance
    Explanation
    If you suspect a privacy breach or are aware of one, it is important to report your concern to your supervisor and to Corporate Compliance. This is the correct course of action because it ensures that the appropriate authorities are made aware of the breach and can take appropriate action to address the situation. Telling the employee they should not be breaching a patient's privacy may not be sufficient in addressing the issue, as it may require further investigation and intervention. It is also not advisable to ignore the breach or contact the patient directly, as this may not be within your jurisdiction and could potentially complicate the situation further.

    Rate this question:

  • 6. 

    Patients have the right to:

    • Request access to their own medical record

    • Request a revision to their medical record

    • Request and accounting of the disclosures that have been made

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    The correct answer is "All of the above" because patients have the right to request access to their own medical record, request a revision to their medical record, and request an accounting of the disclosures that have been made. These rights are essential for patients to have control over their medical information and ensure its accuracy and privacy.

    Rate this question:

  • 7. 

    Minimum Necessary means:

    • Accessing PHI you need to know to do your job

    • Accessing a medical record to find out about a neighbor's condition

    • Telling a co-worker about the medical care of a patient who is also well known to the community

    • None of these answers are correct

    Correct Answer
    A. Accessing PHI you need to know to do your job
    Explanation
    The concept of minimum necessary means that when accessing PHI (Protected Health Information), an individual should only access the information that is necessary for them to perform their job duties effectively. This principle ensures that the privacy of patients' medical information is protected and that only authorized personnel have access to the information they require to carry out their responsibilities. The other options mentioned in the question, such as accessing a medical record for personal curiosity or sharing patient information with a coworker without a legitimate need, would violate the principle of minimum necessary and compromise patient privacy.

    Rate this question:

  • 8. 

    It is against CCHHS policy to access your own health information

    • True

    • False

    Correct Answer
    A. True
    Explanation
    According to the statement, it is against CCHHS (Cook County Health and Hospitals System) policy to access your own health information. This means that individuals are not allowed to access their own health records within the CCHHS system. Therefore, the answer is true.

    Rate this question:

  • 9. 

    An allowable incidental disclosure is:

    • A visitor ovehears two nurses discussing a patient's condition on the elevator

    • A therapist discusses the patient's clinical condition with the patient in a waiting room full of patients

    • A patient overhears the doctor speaking to another patient in a shared hospital room.

    • All of these examples are allowable incidental disclosures.

    Correct Answer
    A. A patient overhears the doctor speaking to another patient in a shared hospital room.
    Explanation
    All of the examples given involve incidental disclosures, which are unintentional disclosures of protected health information (PHI) that occur as a byproduct of a permitted use or disclosure. In this case, a patient overhearing the doctor speaking to another patient in a shared hospital room is considered an allowable incidental disclosure because it is not intentional and occurs in a setting where privacy cannot be fully maintained. However, it is important for healthcare providers to take reasonable steps to minimize incidental disclosures and protect patient privacy as much as possible.

    Rate this question:

  • 10. 

    Cook County Health and Hospital System (CCHHS) may use and disclose pHI without patient authorization for:

    • A. Treatment

    • B. Payment

    • C. Operations

    • A and C are correct

    • A, B, and C are correct

    Correct Answer
    A. A, B, and C are correct
    Explanation
    The correct answer is A, B, and C are correct. Cook County Health and Hospital System (CCHHS) is allowed to use and disclose Protected Health Information (PHI) without patient authorization for treatment, payment, and operations purposes. This means that they can access and share patient information within the healthcare system for providing medical care, processing payments, and conducting administrative activities necessary for the functioning of the hospital system.

    Rate this question:

Quiz Review Timeline (Updated): Mar 20, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Nov 01, 2013
    Quiz Created by
    Stroger
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.