SEC's HIPAA Exam

The HIPAA Privacy Rule for the first time creates national standards to protect an individuals’

• A.

  Right to own firearms

• B.

  Medical records and other personal health information

• C.

  Skin from UV rays

• D.

  Immune system from the adverse effects of flu vaccines

• E.

  Right to hang up on telemarketers

HIPAA stands for Health Insurance _________ and Accountability Act.

HIPAA places restrictions on disclosure of

• A.

  The place you enjoyed your first kiss

• B.

  The number on your Swiss Bank Account

• C.

  Protected health information

• D.

  Projected health information

HIPPA established rules for

• A.

  Privacy, security and electronic trangressions

• B.

  Primacy, security and automatic transmissions

• C.

  Privacy, superiority and electronic tranfusions

• D.

  Privacy, security and electronic transmissions

What does PHI mean?

• A.

  Please Hit the Idiot

• B.

  Protected health information

• C.

  Prescription, hosptials, and institutions

Wrongfully accessing or disclosing PHI can result in

• A.

  A loss of drivers license for up to one year

• B.

  Being forced to cheer for the Georgia Bulldogs

• C.

  Fines up to $50,000 and up to 1 year in prison

• D.

  Fines up to 15,000 and up to 2 years in prison

No authorization is needed to disclose PHI if . . .

• A.

  Individuals involved in patient’s care or payment.

• B.

  To comply with workers compensation laws;

• C.

  To FDA to ensure quality, safety, or effectiveness of FDA-regulated products

• D.

  All of the above

HIPAA requires SEC to (chose all that apply)

• A.

  Have a privacy officer

• B.

  Have policies and procedures

• C.

  Control access

• D.

  Provide notice to individuals of information practices

-HIPAA's minimum necessary standard means

• A.

  Providers should disclose or use only the minimum necessary amount of PHI in order to do their jobs

• B.

  Providers should use minimum necessary precautions

• C.

  Providers should use minimum necessary paper in an effort to protect the environment

1. Notice of Privacy Practices2. Authorization Forms3. Accounting for Disclosures4. Business Associate AgreementsThe above are examples of _______

• A.

  Pure poetry, baby!

• B.

  Notices and forms SEC’s covered health care providers are required to have and use

• C.

  The so-called four horsemen of HIPAA compliance

Notice of Privacy Practices states:

• A.

  Private Practice! Get Out, Your Tresspassing

• B.

  You must not practice privacy except in the confines of your own home

• C.

  Each patient must receive a Notice of Privacy practices no later than the date of first service delivery

• D.

  Patients must receive a Notice of Privacy practices no later than the date of first service delivery or January 1st whichever comes first.

 Check any of the following which are Security Requirements for SEC and its employees.

• A.

  Position computer screens so they cannot be seen by unauthorized persons.

• B.

  Must have appropriate administrative, technical and physical safeguards to protect the privacy of PHI.

• C.

  Must control access to information

• D.

  Report suspected or known breaches of confidentiality to your Privacy Officer

• E.

  Share your password

SEC's Privacy Officer is

• A.

  Bend Over

• B.

  Weird

• C.

  Ben Overby

• D.

  Can't say, it's private!

Joe  (who's over 18) “opted out” of communications with family and friends and specifically indicated that nothing about his condition or treatment was to be discussed with his parents. Unable to learn what is happening with their son, Mr. & Mrs. McCleod ask their friend, Dr. Steve, who isn’t involved in Joe’s care, to review Joe’s records.   Dr. Steve reviews the records and  informs Joe’s parents that Joe has hepatitis B and shows signs of drug abuse. Were proper procedures followed when sharing information with Joe’s parents?

• A.

  Yes, parents have a right to know!

• B.

  No! Joe’s parents should not have received information about Joe’s condition because he had “opted out” of sharing information with family and friends

Passing through a crowded check-in area,  Nurse Betty overhears John (the check-in clerk) telling a patient on the phone that he needs a follow-up appointment because his stress test looked positive. She notices waiting patients listening intently to the conversation. What should Nurse Betty do?

• A.

  Remind John to speak in a lower voice in order not to be overheard by the other patients.

• B.

  Tell everyone to mind their own business.

• C.

  Sarcastically ask John if there's any other private information he'd like to share with his audience