HIPAA Training Questions and
Answers | Latest Version | 2025/2026 |
Correct & Verified
Which of the following is an example of a HIPAA violation?
A. Logging off a workstation
✔✔B. Accessing PHI of a celebrity patient without a work-related need
C. Completing a chart on time
D. Using secure passwords
Can employees discuss PHI on personal devices without authorization?
A. Yes, after work hours
✔✔B. No, unauthorized sharing is prohibited
C. Only with friends
D. Only in emergencies
What is the purpose of logging access to ePHI?
A. To confuse hackers
B. To keep IT records
1
,✔✔C. To track who accessed PHI and detect unauthorized use
D. To reduce paperwork
Which of the following is an example of a technical safeguard?
A. Staff training
B. Privacy policies
✔✔C. Password-protected systems and encryption
D. Locked file cabinets
What should a staff member do if they suspect a HIPAA breach?
A. Ignore it
✔✔B. Report it immediately to a supervisor or privacy officer
C. Discuss with friends
D. Wait for patient complaint
Are employees allowed to post PHI on social media?
A. Only for work
B. Only with patient consent verbally
2
, ✔✔C. No, PHI should never be shared on social media
D. Only after discharge
What is the main purpose of HIPAA?
A. Protect hospital property
B. Regulate employee conduct
✔✔C. Protect patient privacy and health information
D. Manage billing procedures
Can PHI be shared for payment purposes?
A. No, never
✔✔B. Yes, as needed to process insurance or payments
C. Only verbally
D. Only with family members
What does HIPAA protect?
A. Employees’ salaries
✔✔B. Patients’ health information
3
Answers | Latest Version | 2025/2026 |
Correct & Verified
Which of the following is an example of a HIPAA violation?
A. Logging off a workstation
✔✔B. Accessing PHI of a celebrity patient without a work-related need
C. Completing a chart on time
D. Using secure passwords
Can employees discuss PHI on personal devices without authorization?
A. Yes, after work hours
✔✔B. No, unauthorized sharing is prohibited
C. Only with friends
D. Only in emergencies
What is the purpose of logging access to ePHI?
A. To confuse hackers
B. To keep IT records
1
,✔✔C. To track who accessed PHI and detect unauthorized use
D. To reduce paperwork
Which of the following is an example of a technical safeguard?
A. Staff training
B. Privacy policies
✔✔C. Password-protected systems and encryption
D. Locked file cabinets
What should a staff member do if they suspect a HIPAA breach?
A. Ignore it
✔✔B. Report it immediately to a supervisor or privacy officer
C. Discuss with friends
D. Wait for patient complaint
Are employees allowed to post PHI on social media?
A. Only for work
B. Only with patient consent verbally
2
, ✔✔C. No, PHI should never be shared on social media
D. Only after discharge
What is the main purpose of HIPAA?
A. Protect hospital property
B. Regulate employee conduct
✔✔C. Protect patient privacy and health information
D. Manage billing procedures
Can PHI be shared for payment purposes?
A. No, never
✔✔B. Yes, as needed to process insurance or payments
C. Only verbally
D. Only with family members
What does HIPAA protect?
A. Employees’ salaries
✔✔B. Patients’ health information
3
