HIPAA QUESTIONS AND ANSWERS
The HIPAA Privacy Rule protects a patient's fundamental right to privacy and
confidentiality. - Answer-True
You enter a conference room for a meeting and notice that several reports with patient
information are on the table. What do you do? - Answer-If you can determine who left
the reports, return the reports to them. Otherwise, give the reports to your supervisor or
HIPAA Liaison.
You are called a Covered Entity if you are a health care provider, health plan, or health
care clearinghouse who transmits information in an electronic form. - Answer-True
It is not appropriate for me to access or use patient protected health information: -
Answer-To find out about my best friend's condition after seeing her in the waiting area
of a practice.
PHI includes all health information that is used/disclosed except PHI in oral form. -
Answer-False
In general, disclosure of PHI must be limited to the least amount needed to accomplish
the intended purpose of the use, disclosure, or request. - Answer-True
The Notice of Privacy Practices gives patients notice about the use/disclosure of their
PHI, as well as their rights in general. - Answer-True
Under the right to access, workforce members have the right to access their own
medical records directly, using their user name and password into the NSU clinical
computer system. - Answer-False
Discussion about patients or patient information in public areas, such as the cafeteria,
may be overheard by unauthorized listeners and may violate the patient's right to
privacy. - Answer-True
Violation of the HIPAA Privacy Rules can result in the following penalty... - Answer-a
fine, jail sentence, and/or NSU discipline, including termination or expulsion.
It's ok to store unencrypted and identified ePHI on a memory stick/flash drive as long as
you keep the memory stick locked up or in your possession at all times. - Answer-False
It's ok to use someone else's password to access ePHI if you are both authorized for
the same access. - Answer-False
Unsecured Protected Health Information can include information in any form or medium,
including electronic, paper, or verbal. - Answer-True
The HIPAA Privacy Rule protects a patient's fundamental right to privacy and
confidentiality. - Answer-True
You enter a conference room for a meeting and notice that several reports with patient
information are on the table. What do you do? - Answer-If you can determine who left
the reports, return the reports to them. Otherwise, give the reports to your supervisor or
HIPAA Liaison.
You are called a Covered Entity if you are a health care provider, health plan, or health
care clearinghouse who transmits information in an electronic form. - Answer-True
It is not appropriate for me to access or use patient protected health information: -
Answer-To find out about my best friend's condition after seeing her in the waiting area
of a practice.
PHI includes all health information that is used/disclosed except PHI in oral form. -
Answer-False
In general, disclosure of PHI must be limited to the least amount needed to accomplish
the intended purpose of the use, disclosure, or request. - Answer-True
The Notice of Privacy Practices gives patients notice about the use/disclosure of their
PHI, as well as their rights in general. - Answer-True
Under the right to access, workforce members have the right to access their own
medical records directly, using their user name and password into the NSU clinical
computer system. - Answer-False
Discussion about patients or patient information in public areas, such as the cafeteria,
may be overheard by unauthorized listeners and may violate the patient's right to
privacy. - Answer-True
Violation of the HIPAA Privacy Rules can result in the following penalty... - Answer-a
fine, jail sentence, and/or NSU discipline, including termination or expulsion.
It's ok to store unencrypted and identified ePHI on a memory stick/flash drive as long as
you keep the memory stick locked up or in your possession at all times. - Answer-False
It's ok to use someone else's password to access ePHI if you are both authorized for
the same access. - Answer-False
Unsecured Protected Health Information can include information in any form or medium,
including electronic, paper, or verbal. - Answer-True
