Questions and Answers | Latest Version | 2025/2026 | Correct & Verified
Who is required to comply with HIPAA?
✔✔Covered entities including healthcare providers, health plans, and clearinghouses, as well as
their business associates.
Can employees access the PHI of friends or family members for personal reasons?
✔✔No, accessing PHI without authorization or work-related need is prohibited.
What should you do if you suspect a HIPAA violation?
✔✔Report it immediately to a supervisor or the organization’s privacy officer.
Can PHI be discussed in public areas of a healthcare facility?
✔✔No, conversations about PHI must occur in private areas.
What are examples of PHI identifiers?
✔✔Names, addresses, dates of birth, social security numbers, medical record numbers, and
photos.
How should PHI be transmitted electronically to maintain compliance?
✔✔Through secure methods such as encryption, secure portals, or protected email.
Can a patient request restrictions on the use of their PHI?
✔✔Yes, and covered entities must consider such requests and may agree to restrict certain uses.
Can employees take PHI home on personal devices?
✔✔Only if approved by policy and proper security measures are implemented.
What are technical safeguards under HIPAA?
✔✔Measures like encryption, access controls, firewalls, and audit logs to protect electronic PHI.
What are physical safeguards under HIPAA?
✔✔Locking file cabinets, restricted access areas, and secure storage for records.