CITI - HIPAA Training
In the US, privacy protections for health information come from: - correct
answer ✔Privacy protections come from all of these sources - both federal
and state law, as well as the requirements of private certification
organizations.
Privacy, in the health information context discussed here, refers to: - correct
answer ✔The rules about who can access health information, and under what
circumstances.
Under the federal HIPAA regulations, state health privacy laws: - correct
answer ✔Remain in effect if more stringent than what HIPAA provides.
What kinds of persons and organizations are affected by HIPAA's
requirements? - correct answer ✔Health care providers, health plans, and
health information clearinghouses, their business associates, and the workers
for those organizations.
HIPAA privacy protections cover identifiable personal information about the
"past, present or future physical or mental health condition." What does that
include? - correct answer ✔Health information in any form or medium, as
long as it is identified (or identifiable) as a particular person's information.
When patients receive a copy of an organization's Privacy Notice, they are
asked to sign an acknowledgment. Why? - correct answer ✔It shows they
received it.
Organizations covered by the federal HIPAA privacy law are expected to -
correct answer ✔Protect the health information under their control, train their
, workers in how to protect information, and help patients exercise their rights
under the law.
Which of these is not a right under HIPAA? - correct answer ✔To control all
disclosures of information in the health record.
What does HIPAA's "minimum necessary" standard require of health care
workers? - correct answer ✔Use or disclose only the minimum necessary
amount of health information to accomplish a task.
HIPAA's "incidental uses and disclosures" provision excuses deviations from
the minimum necessary standard. What is excused? - correct answer ✔Truly
accidental "excess" uses and disclosures, where reasonable caution was
otherwise used and there was no negligence.
When a privacy problem is discovered, which of the following is/are true? -
correct answer ✔All of the above
HIPAA allows health care organizations to control many information decisions.
But where the patient retains control, which of the following is/are true? -
correct answer ✔If a person has a right to make a health care decision, then
he/she has a right to control information associated with that decision.
With respect to permissions for uses and disclosures, HIPAA divides up
health information into three categories. Into which category does information
related to" treatment, payment and health care operations" go? - correct
answer ✔Uses or disclosures that generally require oral agreement only.
With respect to permissions for uses and disclosures, HIPAA divides up
health information into three categories. Into which category do discussions
In the US, privacy protections for health information come from: - correct
answer ✔Privacy protections come from all of these sources - both federal
and state law, as well as the requirements of private certification
organizations.
Privacy, in the health information context discussed here, refers to: - correct
answer ✔The rules about who can access health information, and under what
circumstances.
Under the federal HIPAA regulations, state health privacy laws: - correct
answer ✔Remain in effect if more stringent than what HIPAA provides.
What kinds of persons and organizations are affected by HIPAA's
requirements? - correct answer ✔Health care providers, health plans, and
health information clearinghouses, their business associates, and the workers
for those organizations.
HIPAA privacy protections cover identifiable personal information about the
"past, present or future physical or mental health condition." What does that
include? - correct answer ✔Health information in any form or medium, as
long as it is identified (or identifiable) as a particular person's information.
When patients receive a copy of an organization's Privacy Notice, they are
asked to sign an acknowledgment. Why? - correct answer ✔It shows they
received it.
Organizations covered by the federal HIPAA privacy law are expected to -
correct answer ✔Protect the health information under their control, train their
, workers in how to protect information, and help patients exercise their rights
under the law.
Which of these is not a right under HIPAA? - correct answer ✔To control all
disclosures of information in the health record.
What does HIPAA's "minimum necessary" standard require of health care
workers? - correct answer ✔Use or disclose only the minimum necessary
amount of health information to accomplish a task.
HIPAA's "incidental uses and disclosures" provision excuses deviations from
the minimum necessary standard. What is excused? - correct answer ✔Truly
accidental "excess" uses and disclosures, where reasonable caution was
otherwise used and there was no negligence.
When a privacy problem is discovered, which of the following is/are true? -
correct answer ✔All of the above
HIPAA allows health care organizations to control many information decisions.
But where the patient retains control, which of the following is/are true? -
correct answer ✔If a person has a right to make a health care decision, then
he/she has a right to control information associated with that decision.
With respect to permissions for uses and disclosures, HIPAA divides up
health information into three categories. Into which category does information
related to" treatment, payment and health care operations" go? - correct
answer ✔Uses or disclosures that generally require oral agreement only.
With respect to permissions for uses and disclosures, HIPAA divides up
health information into three categories. Into which category do discussions
