Healthstream Workplace Questions And
Answers
Prior to any release of PHI directly to law enforcement, make sure you know what with law
enforcement. C. can and cannot be shared
Certain medical devices that contain ePHI can be wirelessly hacked for the protected information
or to stop the device or alter its programming. A. True
An indicator of a phishing attempt is that the email E. All the above
Electronic media includes _________________ D. All the above
________________ are subject to the Security Rule. C. Health plans, healthcare providers
and healthcare clearinghouses that transmit PHI electronically
Rented or leased devices used in health care, such as copiers, fax machines and scanners, should
be stripped of all information prior to returning to the owners. A. True
, Healthstream Workplace Questions And
Answers
If you believe you have identified a phishing email, the best approach would be to . B.
stop, and follow your organization's policy and procedure for a suspected phishing attempt
Choose the CORRECT statement(s) regarding the purpose of the Security Rule. D. B and
C
ePHI is defined as . B. PHI that is covered under the HIPAA Security Rule and is
produced, saved, transferred or received in an electronic form
If you have a concern as to the legitimacy of an email, you can always . B. pick up the
phone and call the company from a number you already have, not one listed in the email
Two reasons for the value of healthcare information are ____________ and ____________.
D. B and C
Under the Security Rule Technical Safeguards, encryption is defined as the process of converting
. D. information or data into a code, the purpose of which is to prevent unauthorized
access
, Healthstream Workplace Questions And
Answers
The definition of decryption is . C. the process of taking encoded or encrypted text or
other data and converting it back into text that you or the computer can read and understand
ePHI is defined as . B. PHI that is covered under the HIPAA Security Rule and is
produced, saved, transferred or received in an electronic form
The Technical Safeguards are the technology and the policies and procedures for its use that
protect and control access to ePHI. A. True
Which of the following is a Physical Safeguard? D. All the above
The Security Rule operationalizes the protections contained in the Privacy Rule by addressing
the Technical and nontechnical Safeguards that covered entities must put in place to secure
individuals' ePHI. A. True
Which of the following can help avoid risks associated with social media? D. A and C
, Healthstream Workplace Questions And
Answers
A unique and strong password contains a combination of uppercase and lowercase letters,
numbers and symbols. A. True
Choose the CORRECT statement regarding Minimum Necessary requirements. A. A
covered entity is required to limit the access of ePHI to a workforce member to only that which
is necessary to do his or her job
Which of the following is a rule regarding passwords? E. A, B, and C
Which of the following is a government sanction provided under the Stark regulation? E.
B and C only
In order to qualify for the recruitment exception, the arrangement must . D. A and B
Which of the following is TRUE about the Stark Law? D. All the above
Stark defines fair market value (FMV) as . B. the value in an arm's-length transaction that
is consistent with general market value
Answers
Prior to any release of PHI directly to law enforcement, make sure you know what with law
enforcement. C. can and cannot be shared
Certain medical devices that contain ePHI can be wirelessly hacked for the protected information
or to stop the device or alter its programming. A. True
An indicator of a phishing attempt is that the email E. All the above
Electronic media includes _________________ D. All the above
________________ are subject to the Security Rule. C. Health plans, healthcare providers
and healthcare clearinghouses that transmit PHI electronically
Rented or leased devices used in health care, such as copiers, fax machines and scanners, should
be stripped of all information prior to returning to the owners. A. True
, Healthstream Workplace Questions And
Answers
If you believe you have identified a phishing email, the best approach would be to . B.
stop, and follow your organization's policy and procedure for a suspected phishing attempt
Choose the CORRECT statement(s) regarding the purpose of the Security Rule. D. B and
C
ePHI is defined as . B. PHI that is covered under the HIPAA Security Rule and is
produced, saved, transferred or received in an electronic form
If you have a concern as to the legitimacy of an email, you can always . B. pick up the
phone and call the company from a number you already have, not one listed in the email
Two reasons for the value of healthcare information are ____________ and ____________.
D. B and C
Under the Security Rule Technical Safeguards, encryption is defined as the process of converting
. D. information or data into a code, the purpose of which is to prevent unauthorized
access
, Healthstream Workplace Questions And
Answers
The definition of decryption is . C. the process of taking encoded or encrypted text or
other data and converting it back into text that you or the computer can read and understand
ePHI is defined as . B. PHI that is covered under the HIPAA Security Rule and is
produced, saved, transferred or received in an electronic form
The Technical Safeguards are the technology and the policies and procedures for its use that
protect and control access to ePHI. A. True
Which of the following is a Physical Safeguard? D. All the above
The Security Rule operationalizes the protections contained in the Privacy Rule by addressing
the Technical and nontechnical Safeguards that covered entities must put in place to secure
individuals' ePHI. A. True
Which of the following can help avoid risks associated with social media? D. A and C
, Healthstream Workplace Questions And
Answers
A unique and strong password contains a combination of uppercase and lowercase letters,
numbers and symbols. A. True
Choose the CORRECT statement regarding Minimum Necessary requirements. A. A
covered entity is required to limit the access of ePHI to a workforce member to only that which
is necessary to do his or her job
Which of the following is a rule regarding passwords? E. A, B, and C
Which of the following is a government sanction provided under the Stark regulation? E.
B and C only
In order to qualify for the recruitment exception, the arrangement must . D. A and B
Which of the following is TRUE about the Stark Law? D. All the above
Stark defines fair market value (FMV) as . B. the value in an arm's-length transaction that
is consistent with general market value
