HIPAA Test

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/42

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 1:31 PM on 7/11/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

43 Terms

1
New cards

EHR stands for?

Electronic health record

2
New cards

HIPAA stands for?

Health Insurance Portability And Accountability Act

3
New cards

HITECH stands for?

Health Information Technology For Economic And Clinical Health Act

4
New cards

PII stands for?

Personal Identifiable Information

5
New cards

PHI stands for?

Patient Health Information

6
New cards

ePHI stands for?

Electronic Protected Health Information

7
New cards

What is the 1973 Patients Bill of Rights?

  • Defines clear rights of patients

  • List of expectations & rights for hospitals to tailor for community needs

  • Typically put up in waiting rooms

  • No single standard version

8
New cards

What is the 2010 Affordable Healthcare Act?

Protects patients from insurance companies

  • Allows dependents up to 26 years old on parent’s insurance

  • Insurance can’t deny coverage of patients with pre-existing conditions

  • Preventative screenings are covered without copays/fees (ex: mammogram)

9
New cards

Examples of Patient Bill of Rights?

Patients have a right to:

• Protection of privacy

• Considerate, safe, respectful care

• Know the physicians involved in their care

• Refuse testing, treatment, involvement in research

10
New cards

What to do if a patient refuses an exam?

• Clarify why exam is necessary

• Assess competency and urgency (ex: is this an emergency/life threatening?)

• Document refusal, pt must sign refusal form

• Reassure pt they can reschedule if they want to

• Notify physician / provider of refusal

11
New cards

What is the 21st Century Cares Act (2021)?

• Expansion of patient bill of rights that allowed increased access to clinical notes

• Full clinical notes to be released to patient in their medical chart (test results, physician notes) AKA Open Notes

12
New cards

Advantages & disadvantages of Open Note?

Advantages:

• Quick easy access

• PT can point out errors in their notes

• PT can feel more empowered w/ their care

• Transparency between pt & MD

• Pt feels better prepared for their visits

Disadvantages:

• Language may be confusing for a layperson

• Pt may not agree with what’s in their notes

• Potential breakdown of relationship

• MD may have to spend more time explaining or editing their notes

• MD may be overwhelmed with inquiries from Pts

13
New cards

What is a Patient’s Medical Chart? Examples?

Complete record of a patient’s key clinical data & medical history

Ex: demographics, vital signs, diagnoses, medications, treatment plans, billing, address, contact info, patient location, their overseeing RN & MD

14
New cards

What is HIPAA?

Health Insurance Portability & Accountability Act of 1996

• Sets national standards for protection of privacy & security of a patient’s health information in any form

Major additions since it was first signed: Intro to privacy rule, Security rule, Breach enforcement rule, Omnibus final rule

15
New cards

What’s the HIPAA privacy rule?

• Gives patients ability & right to access their medical info and records

• Set boundaries on the release of patient health records & information

• Establishes safeguards for healthcare providers to protect privacy of PHI (patient health info)

16
New cards

Examples of PHI (protected health info)?

Name , Age/DOB , Address

Phone number, email address

Medical history, diagnosis, medications, treatments, symptoms

Patient admit status

Social security #, Medical record #, Fingerprints

17
New cards

What’s the HIPAA Privacy Rule?

Contains standards for patients to know their rights regarding privacy and how their information is used

18
New cards

Who must abide by HIPAA?

Anyone who has access to the patients medical records or private information AKA “Covered Entities”

19
New cards

** What are Covered Entities? Examples? ****

Anyone who has access to patients medical records/private info.

Examples:

• Healthcare providers

• Health plans: entities that provide/pay cost of medical care

• Clearing Houses: processes info they receive from another entity (middleman between health provider & insurance to check claims)

• Business Associates: provides services for a covered entity (IT, billing, coding, data disposal)

20
New cards

Who are exceptions to the HIPAA rule?

Covered entities can disclose pt info under these exceptions:

• Abuse or neglect

• Law enforcement

• Disaster relief

• Judiciary proceedings

• Coroners & medical examiners

• Emergencies affecting life/safety/imminent danger

• Treatment, payment, & healthcare operations (TPO)

21
New cards

Can employees access family/friends/celebrity’s medical record?

Unless you’re part of their care and require info for your job, NO!!!

22
New cards

What’s the HIPAA Security Rule? **

Standards for protecting confidentiality & availability of ELECTRONIC Protected Health Information. Doesn’t apply to oral/written PHI

23
New cards

How to be in compliance of HIPAA security rule?

• Detect & safeguard against threats

• Protect against misuse of PHI

• Certify workforce compliance via employee training

• Ensure confidentiality of electronic PHI

24
New cards

What’s the HIPAA Breach Enforcement rule? **

Allows the Dept of Health and Human Services to investigate HIPAA complaints against covered entities

Covered entities can be fined/penalized for avoidable breaches

25
New cards

What are the consequences for HIPAA violation? **

• Employee termination

• Civil/criminal penalties

• Fines - up to $25,000

• Imprisonment up to 10 years

• Sanctions from professional boards

Malpractice insurance covers some HIPAA violations

26
New cards

Exceptions to the Breach Enforcement rule?

• If breach was unintentional/done in good faith and in scope of authority (ex: accidentally clicking wrong patient name)

27
New cards

Who oversees HIPAA compliance?

They process HIPAA violation complaints

• Health & Human Services Office for Civil Rights (HHS - OCR)

• Works w Dept of Justice

28
New cards

How to file a HIPAA violation complaint? ***

• Submit complaint in writing via online portal, email, mail, or fax

• MUST BE WITHIN 180 DAYS OF WHEN YOU BECAME AWARE OF INCIDENT (not the incident itself)

• Name the entity involved & describe the actions perceived to be HIPAA violations

29
New cards

Who can file a HIPAA violation complaint?

ANY PERSON who believes a covered entity has not complied w/ HIPAA

30
New cards

What to do when a breach occurs?

The covered entity needs to send a breach notification alert WITHIN 60 DAYS to:

• Affected individuals

• Dept of Health & Human Services (HHS)

(If breach affects less than 500 ppl, HHS must be contacted immediately)

• Media, if necessary

31
New cards

What is Notice of Privacy Practices?

• Provides notice of all ways an organization uses/shares info

• Explains a pt’s right to confidentiality & access to their info

• Posted in the organization & on their website

32
New cards

Patient Privacy: What can pt agree or object to?

• Giving family/friends health info or status

• Letting family pick up prescriptions

• Who may be present during exams

• Respect patient privacy in presence of others

33
New cards

What can you share if a patient agrees to listing their name in the hospital directory? **

If they do list their name, you can share location and general location.

If they don’t, DO NOT GIVE ANY INFO.

34
New cards

When do you share medical records of minors to parent/guardians?***

Parent/guardian have access if

  • Patient is under 18

  • If they request info, except pertaining to an abortion

Parent/guardian does NOT have access if a provider believes they are abusing or neglecting the child

35
New cards

What services can minors receive without parental consent? ***

Pregnancy testing

Birth control

Testing and treatment of STIs

36
New cards

What if a minor decides to have an abortion?

MD law: requires one parent/guardian be NOTIFIED before the abortion (but doesn’t need approval)

37
New cards

When would a parent not be notified of a minor’s abortion?

if the doctor performing the abortion decided that

• Effort to give notice was unsuccessful

• Minor doesn’t live w/ parent or guardian

• Minor is mature & capable of giving informed consent

• Notice may lead to abuse of the minor; notification wouldn’t be in minors best interest

38
New cards

What to do if abuse is suspected?

Mandated reporters must make oral and written reports of suspected abuse or neglect

Oral reports made immediately; Written reports made within 48 hours of contact

39
New cards

Who are mandated reporters?

Health care practitioners

educators

human service workers

law enforcement officers

40
New cards

What are interpeters?

3rd patients that help interpret & explain procedures

Must have patient permission to speak with third party

New virtual remote interpreter = MARTTI system

41
New cards

HIPAA precautions when Faxing/Printing?

Use a “cover sheet” - confidentiality disclosure

Confirm FAX was received & sent to correct number

Don’t leave papers on printer, collect ASAP

42
New cards

What to do with Incidental Findings at UMBC lab?

• A form identifying the incidental finding will be provided to the student (urgent vs non urgent matter)

• Student will agree/disagree to finding being discussed in scan lab

• Learning process

43
New cards