STS HIPAA/Omnibus Training Quiz

15 Questions | By STSTrainee | Updated: Mar 21, 2022 | Attempts: 116

Questions

Settings

The questions below reflect some of the training information you should have reviewed within the HIPAA training video and/or employee training packet. Please read all the questions carefully, answer them to the best of your abilities, and return to your HIPAA compliance officer.

Questions and Answers

1.

EHR or "Electronic HIPAA Records" refers to patient records that can be transmitted or copied and shared by electronic means: digital, fax, text, phone transmission or via internet.
- A.
  
  True
- B.
  
  False
2.

What does the acronym "HIPAA" stand for?
3.

What does the acronym PHI mean?
4.

PHI is any identifiable information which relates to an individual's past, present, or future physical health or condition for which there is a reasonable cause to believe it can be used to identify that individual.
- A.
  
  True
- B.
  
  False
5.

An entity (non-employee) that in the course of their work will directly or indirectly create, receive, maintain, or transmit PHI on behalf of a Covered Entity is considered under the Omnibus Rule to be a/an:
- A.
  
  Healthcare Provider
- B.
  
  Health Care Clearinghouse
- C.
  
  Health Care Consultant
- D.
  
  Business Associate
6.

Within the context, HHS refers to The U.S. Department of Health and Human Services.
- A.
  
  True
- B.
  
  False
7.

What is the largest monetary penalty that may be incurred for HIPAA violation in a year under the new Omnibus Rule?
- A.
  
  $50,000
- B.
  
  $500,000
- C.
  
  $1.5 million
- D.
  
  $750,000
8.

The Health Insurance Portability and Accountability Act or HIPAA was enacted by congress on October 16th, 2002.
- A.
  
  True
- B.
  
  False
9.

Regarding to the Omnibus Rule on HI TECH Law, who is held directly responsible for any malicious posting on social networks?
- A.
  
  The CEO or Business Owner
- B.
  
  HIPAA Compliance Officer
- C.
  
  The Employee
- D.
  
  The Business Associate
10.

Regarding to the Omnibus Rule on HI TECH Law for any malicious posting on social networks; what is the potential penalty to the person or persons held directly responsible? [Be specific]
11.

If you were to receive a CHS consultation request form from downrange with specific PHI of a patient in the name which is the best option below?
- A.
  
  Forward the form to on-call trauma doctor.
- B.
  
  Decide that it is inappropriate to forward the form and verbalize the information to the doctor.
- C.
  
  Call downrange and ask them to change how they named the form.
- D.
  
  Change the name of the form to something more appropriate then send to on-call doctor.
12.

Under the Omnibus Rule, what three communication permissions are directly permissible and considered the course-of-doing business? [Check all three that apply]
- A.
  
  Appointment Reminders
- B.
  
  Patient Names
- C.
  
  Treatment Information
- D.
  
  Patient Home Address
- E.
  
  Benefit Notifications
- F.
  
  Patient Social Security Number
13.

How long do we currently keep patient consent forms at Specialty Telehealth Services?
- A.
  
  0 days
- B.
  
  30 days
- C.
  
  60 days
- D.
  
  90 days
- E.
  
  A minimum of two years
14.

It is okay to share PHI with trauma docs as long as the information is verbalized and does not leave a record.
- A.
  
  True
- B.
  
  False
15.

NOPP stands for Notices of Privacy Protocols.
- A.
  
  True
- B.
  
  False