Deals with the legal rights and relationship of private individuals
Torts: Any wrongful acts for which a civil suit can be brought
Contracts: Binding agreements between two or more parties
What is civil law?
Deals with relationships between individuals and government
Criminal Law: Crimes and their punishments
Regulations: Published rules that interpret laws
What is public law?
Hearsay statements made during an incident are admissible as evidence
What is res gestae?
Means something is self-evident (example: surgical instruments left in the patient’s abdominal cavity)
What is res ipsa loquitur?
The final judgement of a competent court is conclusive:
Prevents a plaintiff from suing on a claim that has already been decided
Prevents a defendant from raising any new defense to defeat enforcement of the earlier judgement
What is res judicata?
An employer is responsible for the legal consequences of an employee’s actions
What is respondeat superior?
Phishing attack
What is the most common cause of data breaches in healthcare?
Involves converting data into encrypted format that can only be accessed with the appropriate decryption key
What is encryption?
Results when a health care provider acts in an improper or negligent manner and the patient’s result is injury, damage, or loss
What is medical malpractice?
Failure to exercise the degree of care considered reasonable under the circumstances resulting in an unintended injury to another party
What is required to establish negligence in a medical malpractice case?
A brief description of the breach
Instructions on how affected individuals can protect themselves
Contact information for further assistance
What must be included in a breach notification to affected individuals?
Used to document patient information released to authorized requestors
What is a release of information log?
Establishes national standards for the protection of individually identifiable health information held by covered entities
Describe the HIPAA Privacy Rule.
Sets safeguards for the security of electronic protected health information and requires covered entities to implement administrative, physical, and technical safeguards to protect ePHI
Describe the HIPAA Security Rule.
Attorney requests
Employers (except when PHI is released to report work-related illnesses or injuries)
Some government agencies
Health care providers that did not render care to patients
HIV-related information
IRS
Law enforcement
Marketing communications
Third-party payers (except for payment)
Workers’ compensation carriers (when required by state law)
What situations require patient consent for disclosure of PHI?
Health oversight activities
Public health activities
Law enforcement purposes
Judicial and administrative proceedings
Identification and location purposes
Decedents
Research purposes
FDA
Specialized government functions
Workers’ compensation
What situations DO NOT require patient consent to disclose PHI?
Refers to the time period after which a lawsuit cannot be filed
What is a statute of limitations?
Covered entities must also notify the Secretary of Health and Human Services (HHS) and media outlets serving the affected individuals without unreasonable delay and no later than 60 days after discovering the breach.
What is required if a data breach affects over 500 individuals?
Attempts to trick healthcare employees into providing sensitive information through deceptive emails or messages
What is a phishing attack?
Malicious or negligent actions by employees or other insiders who have access to EHRs
What are insider threats?
Malicious software that can corrupt, steal, or lock up data within an EHR system
What is malware?
Attempts to overwhelm the EHR system, making it unavailable to users
What is a denial of service attack?
A network security device or software designed to monitor and control incoming and outgoing network traffic based on predetermined security rules
To establish a barrier between a trusted internal network and untrusted external networks to protect the internal network
What is a firewall?
Networking device that combines the functions of a traditional wired router with those of a wireless access point
What is a wireless router?
Strong encryption, multi-factor authentication, and robust network security measures.
How can healthcare organizations limit access to sensitive patient information?
Type of program designed to detect, prevent, and remove malicious software (malware) from computers and other digital devices
Protects systems from cyber threats
What is antivirus software?
Unauthorized access to EHR systems resulting in the exposure of sensitive patient information.
What is a data breach?