HIPPA ACTUAL EXAM PAPER 2026 QUESTIONS
WITH SOLUTIONS GRADED A+
◉ The HIPAA Privacy Officer is responsible for: Answer: Tracking who
has access to PHI
◉ The HIPAA Security Officers are responsible for: Answer:
Safeguarding all electronic patient health information
◉ Which are the five areas of DHHS has mandated each covered entity
to address so that e-PHI is maintained securely? Answer: Organization
requirements; policies, procedures, and documentation; technical
safeguards; administrative safeguards; and physical safeguards.
◉ Reasonable physical safeguards for patient care areas include:
Answer: Having monitors turned away from viewing by visitors.
◉ To insure minimum opportunity to access data, passwords: Answer:
Should be changed every 90 days or sooner.
◉ Investigations of complaints of violations to the Security Rule are
under the direction of the: Answer: Office of HIPAA Standards
, ◉ With the passage of HIPAA, large healthcare providers would be
treated with faster service since their volumes of claims is larger than
small rural providers. Answer: True
◉ Nursing notes are not considered PHI since they are not physician's
notes and therefore are not protected by HIPAA law. Answer: False
◉ It is possible for a first name and zip code to be considered
individually identifiable health information (IIHI) Answer: False
◉ In HIPAA usage, TPO stands for Treatment, Payment, and Optional
Care. Answer: False
◉ Trading Partner agreements are only for electronic standard
transactions. Answer: True
◉ One good requirement to ensure secure access control is to install
automatic log off at each workstation. Answer: True
◉ HIPAA seeks to protect individual PHI and discloses that information
only when it is in the best interest of the patient. Answer: True
◉ Prescriptions may only be picked up by the patient to protect the
privacy of the individuals health information. Answer: False
WITH SOLUTIONS GRADED A+
◉ The HIPAA Privacy Officer is responsible for: Answer: Tracking who
has access to PHI
◉ The HIPAA Security Officers are responsible for: Answer:
Safeguarding all electronic patient health information
◉ Which are the five areas of DHHS has mandated each covered entity
to address so that e-PHI is maintained securely? Answer: Organization
requirements; policies, procedures, and documentation; technical
safeguards; administrative safeguards; and physical safeguards.
◉ Reasonable physical safeguards for patient care areas include:
Answer: Having monitors turned away from viewing by visitors.
◉ To insure minimum opportunity to access data, passwords: Answer:
Should be changed every 90 days or sooner.
◉ Investigations of complaints of violations to the Security Rule are
under the direction of the: Answer: Office of HIPAA Standards
, ◉ With the passage of HIPAA, large healthcare providers would be
treated with faster service since their volumes of claims is larger than
small rural providers. Answer: True
◉ Nursing notes are not considered PHI since they are not physician's
notes and therefore are not protected by HIPAA law. Answer: False
◉ It is possible for a first name and zip code to be considered
individually identifiable health information (IIHI) Answer: False
◉ In HIPAA usage, TPO stands for Treatment, Payment, and Optional
Care. Answer: False
◉ Trading Partner agreements are only for electronic standard
transactions. Answer: True
◉ One good requirement to ensure secure access control is to install
automatic log off at each workstation. Answer: True
◉ HIPAA seeks to protect individual PHI and discloses that information
only when it is in the best interest of the patient. Answer: True
◉ Prescriptions may only be picked up by the patient to protect the
privacy of the individuals health information. Answer: False
