CITI Training questions with correct answers

Privacy, in the health information context, refers to: - Answer The rules about who can access health information, and under what circumstances. In the U.S., privacy protections for health information come from: - Answer Federal, state, local, and private certification organizations' requirements With respect to permissions for uses and disclosures, HIPAA divides health information into three categories. Into which category do discussions with family members go? - Answer Uses or disclosures that generally require oral agreement only. Under HIPAA, an organization is required to do which of the following? - Answer Appoint a Privacy Officer to administer HIPAA rules. When patients receive a copy of an organization's privacy notice, why are they asked to sign an acknowledgment? - Answer It shows they received it. Which of these is not a right under HIPAA? - Answer To control all disclosures of information in the health record. HIPAA's "incidental uses and disclosures" provision excuses deviations from the minimum necessary standard. What is excused? - Answer Truly accidental "excess" uses and disclosures, where reasonable caution was otherwise used and there was no negligence.