CITI - HIPAA Training Exam Questions and Answers 100% Pass

CITI - HIPAA Training Exam Questions and Answers 100% Pass In the US, privacy protections for health information come from: - Answer- Privacy protections come from all of these sources - both federal and state law, as well as the requirements of private certification organizations. Privacy, in the health information context discussed here, refers to: - Answer- The rules about who can access health information, and under what circumstances. Under the federal HIPAA regulations, state health privacy laws: - Answer- Remain in effect if more stringent than what HIPAA provides. What kinds of persons and organizations are affected by HIPAA's requirements? - Answer- Health care providers, health plans, and health information clearinghouses, their business associates, and the workers for those organizations. HIPAA privacy protections cover identifiable personal information about the "past, present or future physical or mental health condition." What does that include? - Answer- Health information in any form or medium, as long as it is identified (or identifiable) as a particular person's information. When patients receive a copy of an organization's Privacy Notice, they are asked to sign an acknowledgment. Why? - Answer- It shows they received it. Organizations covered by the federal HIPAA privacy law are expected to - Answer- Protect the health information under their control, train their workers in how to protect information, and help patients exercise their rights under the law. Which of these is not a right under HIPAA? - Answer- To control all disclosures of information in the health record. What does HIPAA's "minimum necessary" standard require of health care workers? - Answer- Use or disclose only the minimum necessary amount of health information to accomplish a task. HIPAA's "incidental uses and disclosures" provision excuses deviations from the minimum necessary standard. What is excused? - Answer- Truly accidental "excess" uses and disclosures, where reasonable caution was otherwise used and there was no negligence. When a privacy problem is discovered, which of the following is/are true? - Answer- All of the above HIPAA allows health care organizations to control many information decisions. But where the patient retains control, which of the following is/are true? - Answer- If a person has a right to make a health care decision, then he/she has a right to control information associated with that decision. With respect to permissions for uses and disclosures, HIPAA divides up health information into three categories. Into which category does information related to" treatment, payment and health care operations" go? - Answer- Uses or disclosures that generally require oral agreement only. With respect to permissions for uses and disclosures, HIPAA divides up health information into three categories. Into which category do discussions with family members go? - Answer- Uses or disclosures that require generally oral agreement only. With respect to permissions for uses and disclosures, HIPAA divides up health information into three categories. Into which category does information related to research, marketing and fundraising go? - Answer- Uses or disclosures that generally require specific written authorization. Which of the following are organizations required to do under HIPAA? - Answer- Appoint a Privacy Officer to administer HIPAA rules. HIPAA allows healthcare organizations to control many information decisions. However, where the patient retains control, which of the following is true? - Answer- If a person has a right to make a healthcare decision, then generally that person has a right to control information associated with the decision. Which of these is not generally a good practice for telephone use? - Answer- Using voicemail systems and answering machines that do not require a password or PIN for access