GM Billing & Recovery Solutions®
GM Billing & Recovery Solutions®
get in touch
HIPAA Compliance Training Quiz
The major goal of the Privacy Rule is to_____?
Protect the provider
Protect an individual’s health information
Keep documents sealed
Protect the insurance company
To ease the burden of complying with HIPAA requirements, the Privacy Rule_______
Has specific requirements for each provider
Mandates clear instructions on all procedures
Gives providers flexibility to create their own privacy procedures
Relies on each provider to self-check their compliance
The HIPAA______ establishes a national set of standards for protecting certain health information that is held or transferred in electronic form.
The Security Rule applies to health plans, healthcare clearinghouses, and any healthcare provider who transmits health information______
In any manner or form
In an electronic form
In any non-electronic form
Using standard mail
Privacy is the ____ and security is the ____.
The Privacy Rule protects PHI______.
As required by OSHA
In any form
When in transmission
In writing only
Health information that contains at least ___ patient identifier(s) is protected under HIPAA.
If you see someone wrongfully disclosing PHI, what should you do first?
Talk to your immediate supervisor about the situation
Talk to the person who is disclosing PHI
Confront the patient
Nothing, it isn’t your problem
Two providers are having coffee at a local coffee shop and discussing a patient case that involves PHI. What should they do?
Ask other customers what they think they should do
Move to a private location
Tell others around them not to listen
Don’t use the name of the patient
When are conversations that your healthcare provider has about your care protected?
Under HIPAA, an individual may _____.
Not request electronic copies of their health information
Require covered entities to change all HIPAA errors
Require verification of a covered entities privacy practices
Ask for their information to be amended to correct errors
A provider may share relevant patient information if what applies?
You are present and do not object to sharing the information
You are present and the provider believes you will not object
You are not present, and your partner does not object
Your partner gives the provider permission to share the information
When may a provider discuss a patient’s PHI with a family member, friend or other person?
If the family member signs an NDA
If the patient is under 18 and does not object
If parental permission has been received by the provider
If the patient gives the provider permission to share information
Which of the following is one of the four categories of covered entities that must comply with HIPAA?
Public health authorities
Workers’ compensation insurers
Health care providers
Personal health record vendors
Covered entities must ensure the confidentiality, integrity and availability of ePHI _____.
Transmitted orally or in writing
They develop and distribute to others
Regulated by HIPAA and distributed
They create, maintain or transmit electronically
The Security Rule defines confidentiality to mean that ePHI is ____
Withheld from external covered entities
Not available or disclosed to unauthorized persons
Not disclosed to other health care professionals
Prevented from being transmitted electronically
Under the Security Rule, ______ means ePHI is not altered or destroyed in an unauthorized manner.
As required by the Security Rule, which of the following must be done by a covered entity as part of their security management process?
A safety inspection
A risk analysis
Formal reporting to OSHA
A hazard analysis
Which of the following is an example of an Administrative Safeguard?
Designate a Security Officer responsible for policies and procedures
Limit physical access to facilities to authorized persons only
Implement technical measures to guard against unauthorized access to ePHI
Implement electronic measures to confirm ePHI has not been altered
Which of the following Technical Safeguards ensures that ePHI is not improperly altered or destroyed?