RELIAS HIPAA AND PATIENT PRIVACY EXAM
QUESTION AND CORRECT ANSWERS
(VERIFIED ANSWERS) PLUS RATIONALES
2026 Q&A INSTANT DOWNLOAD PDF
1. What does PHI stand for?
A. Personal Health Insurance
B. Protected Health Information
C. Public Health Information
D. Private Hospital Information
Answer: B
PHI refers to individually identifiable health information protected
under HIPAA.
2. Which of the following is considered PHI?
A. A patient’s favorite color
B. A patient’s medical diagnosis
C. A hospital room number alone
D. General health statistics
Answer: B
Medical diagnoses can identify a patient and relate to their health,
making them PHI.
3. Who must comply with HIPAA regulations?
A. Only hospitals
, B. Only physicians
C. Covered entities and business associates
D. Only insurance companies
Answer: C
HIPAA applies to covered entities and their business associates who
handle PHI.
4. Which is an example of a covered entity?
A. A grocery store
B. A school
C. A nursing home
D. A fitness center
Answer: C
Healthcare providers like nursing homes are covered entities under
HIPAA.
5. What is the minimum necessary rule?
A. Sharing all patient data freely
B. Limiting PHI access to the least amount needed
C. Allowing patients unlimited access to staff records
D. Restricting all PHI sharing
Answer: B
HIPAA requires limiting PHI use and disclosure to the minimum
necessary.
6. When may PHI be shared without patient authorization?
A. For treatment, payment, and healthcare operations
B. For marketing
C. With the media
D. With friends without consent
Answer: A
, HIPAA allows PHI sharing for TPO without explicit patient
authorization.
7. What is a HIPAA breach?
A. Proper use of PHI
B. Unauthorized access, use, or disclosure of PHI
C. Patient consent to share data
D. Secure storage of records
Answer: B
A breach occurs when PHI is accessed or disclosed improperly.
8. What should you do if you suspect a HIPAA violation?
A. Ignore it
B. Report it according to facility policy
C. Post about it online
D. Confront the patient
Answer: B
Reporting suspected violations helps prevent further harm and
ensures compliance.
9. Which form of PHI requires protection?
A. Electronic only
B. Paper only
C. Verbal only
D. Electronic, paper, and verbal
Answer: D
HIPAA protects PHI in all forms.
10. Which is an example of verbal PHI disclosure?
A. Shredding documents
B. Discussing patient information in public areas
C. Encrypting data
D. Logging out of a computer
QUESTION AND CORRECT ANSWERS
(VERIFIED ANSWERS) PLUS RATIONALES
2026 Q&A INSTANT DOWNLOAD PDF
1. What does PHI stand for?
A. Personal Health Insurance
B. Protected Health Information
C. Public Health Information
D. Private Hospital Information
Answer: B
PHI refers to individually identifiable health information protected
under HIPAA.
2. Which of the following is considered PHI?
A. A patient’s favorite color
B. A patient’s medical diagnosis
C. A hospital room number alone
D. General health statistics
Answer: B
Medical diagnoses can identify a patient and relate to their health,
making them PHI.
3. Who must comply with HIPAA regulations?
A. Only hospitals
, B. Only physicians
C. Covered entities and business associates
D. Only insurance companies
Answer: C
HIPAA applies to covered entities and their business associates who
handle PHI.
4. Which is an example of a covered entity?
A. A grocery store
B. A school
C. A nursing home
D. A fitness center
Answer: C
Healthcare providers like nursing homes are covered entities under
HIPAA.
5. What is the minimum necessary rule?
A. Sharing all patient data freely
B. Limiting PHI access to the least amount needed
C. Allowing patients unlimited access to staff records
D. Restricting all PHI sharing
Answer: B
HIPAA requires limiting PHI use and disclosure to the minimum
necessary.
6. When may PHI be shared without patient authorization?
A. For treatment, payment, and healthcare operations
B. For marketing
C. With the media
D. With friends without consent
Answer: A
, HIPAA allows PHI sharing for TPO without explicit patient
authorization.
7. What is a HIPAA breach?
A. Proper use of PHI
B. Unauthorized access, use, or disclosure of PHI
C. Patient consent to share data
D. Secure storage of records
Answer: B
A breach occurs when PHI is accessed or disclosed improperly.
8. What should you do if you suspect a HIPAA violation?
A. Ignore it
B. Report it according to facility policy
C. Post about it online
D. Confront the patient
Answer: B
Reporting suspected violations helps prevent further harm and
ensures compliance.
9. Which form of PHI requires protection?
A. Electronic only
B. Paper only
C. Verbal only
D. Electronic, paper, and verbal
Answer: D
HIPAA protects PHI in all forms.
10. Which is an example of verbal PHI disclosure?
A. Shredding documents
B. Discussing patient information in public areas
C. Encrypting data
D. Logging out of a computer
