Print Options

Font size:

← Back to notecard set|Easy Notecards home page

Print this list...Print as notecards

HIPPA Exam (med staff)

1.

A business associates can be which of the following?

  • medical supply delivery person
  • third party IT personnel
  • subcontractors
  • organizations w/ data transmission services + store data/organizations
  • vendors that manage personal health records
2.

HIPPA covered entity (CE) is which of the following?

ALL OF ABOVE

Health care provider, health plan, health care clearinghouse

3.

(T/F) If an agreement is not in place, BAs are not required to follow HIPAA

FALSE

4.

HIPAA scenario // medial office billing calls patient but not there // talks to spouse about issue but no signed authorization from patient to allow disclosure

HAS HIPAA BEEN VIOLATED? (Y/N)

YES

5.

YES

6.

NO

7.

(T/F) The goal of HIPAA privacy rule is to protect the health information of patients and restrict the flow of information in treatment.

FALSE

8.

the minimum necessary rule of the hipaa privacy rule encourages

ALL Above

  • identify which pieces of PHI need+will be accessed
  • CEs and BAs determine who needs to have access to what information to perform the duties of their job
9.

Which of the following is PHI that is not required to be given to an individual when requested?

Psychotherapy notes

10.

Who is considered an "Actor" under the ONC Cures Act Final Rule?

All the Above

  • Healthcare providers
  • Health IT developers
  • Health information exchanges
  • Hospitals
11.

If the State Law is more stringent than the HIPAA Privacy Law, the:

The State Law Prevails

12.

Which of the following are considered Administrative Safeguards?

  • assigned security responsibilities
  • business associate contracts
  • contingency plan
  • evaluation
13.

(T/F) The Security Rule's main goal was to protect PHI while still allowing for technical advancements in patient care.

True

14.

What is not a safeguard covered under HiPAA Security Rule?

Patient Safeguards

15.

What are safeguards covered under HiPAA Security Rule?

Administrative/Physical/Technical Safeguards

16.

What is recommended for data that is being transmitted electronically?

encrypt all data

17.

willful neglect

conscious failure or reckless indifference to comply with administrative simplification provision

18.

3 exceptions to the definition of breach

19.

If more than ___ people in a state or jurisdiction are affected by a breach, the Covered Entity must provide notice to prominent media in the area.

500

20.

How soon after the breach must notification be given if more than 500 patent's information was exposed?

60 days

21.

Which of the following are tiers of penalties for violations

  • unknowing
  • resonable cause
  • willful neglect (corrected)
  • willful neglect (uncorrected)