Quiz #1 on HIPAA Privacy and Information

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/17

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

18 Terms

1
New cards

A Privacy Officer is one of HIPAA's Administrative Requirements.

true

2
New cards

True

Role-Based Access is a helpful tool that assists employees with compliance related to using the Minimum Necessary.

True

3
New cards

The privacy act is part of HIPAA

False

4
New cards

What type of information is not considered PHI?

Deidentified information.

5
New cards

Under the Privacy Rule, all types of health information are treated equally, regardless of their nature.

True

6
New cards

Which Title of HIPAA is most relevant for Health Information Management (HIM)?

Title 2 is the most relevant to HIM

7
New cards

The 2 Goals of the HIPAA Privacy Rule are also used in the Legal Doctrine of Preemption. They are used in order to decide if one requirement is stricter than another requirement.

True

8
New cards

A CE's Workforce is defined as those who receive a paycheck.

False

9
New cards

Which of the following is an example of a situation in which a disclosure is permitted without patient authorization, but the patient has the opportunity to informally agree or object?

Facility directory.

10
New cards

On what basis are Business Associates (BAs) obligated to comply with the law?

Based on the nature of the relationship and the nature of the work (using PHI).

11
New cards

How does the Privacy Rule refer to patients?

As individuals.

12
New cards

When using the Safe Harbor Method, which data element does not need to be removed to deidentify PHI?

Diagnoses.

13
New cards

What is an example of a Covered Entity (CE)?

A health plan.

14
New cards

What does mitigation refer to in the context of PHI?

The lessening of effects of a wrongful use or disclosure of PHI.

15
New cards

TPO

Functions of a CE that are necessary for the CE to successfully conduct business.

16
New cards

What does consent (per HIPAA) mean?

Obtaining patient permission to use or disclose PHI for TPO purposes (obtaining consent for TPO purposes is optional)

17
New cards

What is the difference between use and disclosure of PHI?

Use is sharing within a healthcare organization, while disclosure is the release of information outside of it.

18
New cards

What does NPP stand for and what does it explain?

NPP stands for Notice of Privacy Practices, which explains a patient's rights and the CE's legal duties with respect to PHI.

Explore top notes

Explore top flashcards