HIPAA AND PRIVACY ACT TRAINING
(DHA-US001) EXAM QUESTIONS WITH
CORRECT ANSWERS
Select all that apply: In which of the following circumstances must an individual be given
the opportunity to agree or object to the use and disclosure of their PHI? - Answer-Both
A and C
-Before PHI directly relevant to a person's involvement with the individual's care or
payment of health care is shared with that person
- Before their information is included in a facility directory
Which of the following statements about the HIPAA Security Rule are true? - Answer-All
of the above
A covered entity (CE) must have an established complaint process. - Answer-True
The e-Government Act promotes the use of electronic government services by the
public and improves the use of information technology in the government. - Answer-
True
When must a breach be reported to the U.S. Computer Emergency Readiness Team? -
Answer-Within 1 hour of discovery
Which of the following statements about the Privacy Act are true? - Answer-All of the
above
What of the following are categories for punishing violations of federal health care laws?
- Answer-All of the above
Which of the following are common causes of breaches? - Answer-All of the above
Which of the following are fundamental objectives of information security? - Answer-All
of the above
If an individual believes that a DoD covered entity (CE) is not complying with HIPAA, he
or she may file a complaint with the: - Answer-All of the above
Technical safeguards are: - Answer-Information technology and the associated policies
and procedures that are used to protect and control access to ePHI
A Privacy Impact Assessment (PIA) is an analysis of how information is handled: -
Answer-All of the above
(DHA-US001) EXAM QUESTIONS WITH
CORRECT ANSWERS
Select all that apply: In which of the following circumstances must an individual be given
the opportunity to agree or object to the use and disclosure of their PHI? - Answer-Both
A and C
-Before PHI directly relevant to a person's involvement with the individual's care or
payment of health care is shared with that person
- Before their information is included in a facility directory
Which of the following statements about the HIPAA Security Rule are true? - Answer-All
of the above
A covered entity (CE) must have an established complaint process. - Answer-True
The e-Government Act promotes the use of electronic government services by the
public and improves the use of information technology in the government. - Answer-
True
When must a breach be reported to the U.S. Computer Emergency Readiness Team? -
Answer-Within 1 hour of discovery
Which of the following statements about the Privacy Act are true? - Answer-All of the
above
What of the following are categories for punishing violations of federal health care laws?
- Answer-All of the above
Which of the following are common causes of breaches? - Answer-All of the above
Which of the following are fundamental objectives of information security? - Answer-All
of the above
If an individual believes that a DoD covered entity (CE) is not complying with HIPAA, he
or she may file a complaint with the: - Answer-All of the above
Technical safeguards are: - Answer-Information technology and the associated policies
and procedures that are used to protect and control access to ePHI
A Privacy Impact Assessment (PIA) is an analysis of how information is handled: -
Answer-All of the above
