HIPAA EXAM QUESTIONS AND ANSWERS
What is a Covered Entity(CE)? - Answers - •Any healthcare organization, including
healthcare providers, healthcare plans, and public health authorities
What does the term "PHI" stand for? - Answers - •Protected Health Information
A Facility is defined as : - Answers - •Physical premises and interior or exterior of a
building
Software that is designed to cause damage is called: - Answers - •Malicious Software
Employees and contractors of the Army as well as Soldiers with access to Soldier
health records are covered by the law. - Answers - •TRUE
The Health Insurance Portability and Accountability Act of 1996 is aimed at ensuring the
portability of health Insurance for individuals. - Answers - •TRUE
For obtaining health information under false pretenses, you could face fines of up to
$100,000 and/or five years in prison. - Answers - •TRUE
The minimum personal fine per day per occurrence for non compliance with HIPAA is -
Answers - •100
Business associates working on behalf of a CE are required to have a HIPAA certificate.
- Answers - •TRUE
PHI refers to only health information that is stored electronically. - Answers - •FALSE
Why are Privacy and Information Security necessary? - Answers - •An abundance of
information is collected, used, processed and shared in the Health Care Industry
Dentists and Dental Techs who are contracted by the Army must comply with HIPAA -
Answers - •TRUE
Employees, volunteers, trainees and other persons whose conduct in the performance
of work is under the direct control of a CE (covered entity) are defined as - Answers -
•Workforce
A HIPAA certificate expires: - Answers - •One year from the date it is created
The primary goal of the HIPAA law is: - Answers - •To make it easier for people to
keep health insurance and to help the industry control administrative costs.
A health plan is considered a covered entity (CE)? - Answers - •TRUE
, You can be fined on a personal basis for HIPAA violations. - Answers - •TRUE
Pick the two rules of HIPAA designed to protect a Soldier's individually identifiable
medical information from loss or accidental disclosure. - Answers - •Privacy
•Security
Disclosure is defined as: The release, transfer, provision of access to, or divulging of
information outside the entity holding the information. - Answers - •TRUE
PHI can include data such as a doctor's appointment slip. - Answers - •TRUE
PHI refers to only health information that is stored electronically. - Answers - •FALSE
You can be fined up to $250,000 and ten years in prison from using health information
for malicious harm. - Answers - •TRUE
The Privacy Rule gives all of these rights to Soldiers except? - Answers - •To request
the names, companies, and phone numbers of individuals that have accessed his/her
medical record
Which of these are the military exemptions?(Choose the BEST answer.) - Answers -
•All of the above
During a medical emergency a restricted medical record is available - Answers -
•TRUE
The medical record access report will list the date, description of information provided,
and reason. - Answers - •TRUE
All of these standards apply to the Privacy Rule except. - Answers - •How PHI is used
to treat a hospitalized Soldier
Select the two requirements listed below that must be satisfied for information to be
considered "individually identifiable". - Answers - •The information pertains to health
information
•It contains something that can identify the individual such as a name, number, or
address
Coordinating/providing sick call, routine and emergency care, quarters, and health care
from civilian providers are the only Military Privacy Rule exceptions. - Answers -
•FALSE
Access to a Soldier's medical record can be denied. - Answers - •TRUE
If a Soldier's record contains psychotherapy notes, a request to review their medical
record can be denied. - Answers - •TRUE
What is a Covered Entity(CE)? - Answers - •Any healthcare organization, including
healthcare providers, healthcare plans, and public health authorities
What does the term "PHI" stand for? - Answers - •Protected Health Information
A Facility is defined as : - Answers - •Physical premises and interior or exterior of a
building
Software that is designed to cause damage is called: - Answers - •Malicious Software
Employees and contractors of the Army as well as Soldiers with access to Soldier
health records are covered by the law. - Answers - •TRUE
The Health Insurance Portability and Accountability Act of 1996 is aimed at ensuring the
portability of health Insurance for individuals. - Answers - •TRUE
For obtaining health information under false pretenses, you could face fines of up to
$100,000 and/or five years in prison. - Answers - •TRUE
The minimum personal fine per day per occurrence for non compliance with HIPAA is -
Answers - •100
Business associates working on behalf of a CE are required to have a HIPAA certificate.
- Answers - •TRUE
PHI refers to only health information that is stored electronically. - Answers - •FALSE
Why are Privacy and Information Security necessary? - Answers - •An abundance of
information is collected, used, processed and shared in the Health Care Industry
Dentists and Dental Techs who are contracted by the Army must comply with HIPAA -
Answers - •TRUE
Employees, volunteers, trainees and other persons whose conduct in the performance
of work is under the direct control of a CE (covered entity) are defined as - Answers -
•Workforce
A HIPAA certificate expires: - Answers - •One year from the date it is created
The primary goal of the HIPAA law is: - Answers - •To make it easier for people to
keep health insurance and to help the industry control administrative costs.
A health plan is considered a covered entity (CE)? - Answers - •TRUE
, You can be fined on a personal basis for HIPAA violations. - Answers - •TRUE
Pick the two rules of HIPAA designed to protect a Soldier's individually identifiable
medical information from loss or accidental disclosure. - Answers - •Privacy
•Security
Disclosure is defined as: The release, transfer, provision of access to, or divulging of
information outside the entity holding the information. - Answers - •TRUE
PHI can include data such as a doctor's appointment slip. - Answers - •TRUE
PHI refers to only health information that is stored electronically. - Answers - •FALSE
You can be fined up to $250,000 and ten years in prison from using health information
for malicious harm. - Answers - •TRUE
The Privacy Rule gives all of these rights to Soldiers except? - Answers - •To request
the names, companies, and phone numbers of individuals that have accessed his/her
medical record
Which of these are the military exemptions?(Choose the BEST answer.) - Answers -
•All of the above
During a medical emergency a restricted medical record is available - Answers -
•TRUE
The medical record access report will list the date, description of information provided,
and reason. - Answers - •TRUE
All of these standards apply to the Privacy Rule except. - Answers - •How PHI is used
to treat a hospitalized Soldier
Select the two requirements listed below that must be satisfied for information to be
considered "individually identifiable". - Answers - •The information pertains to health
information
•It contains something that can identify the individual such as a name, number, or
address
Coordinating/providing sick call, routine and emergency care, quarters, and health care
from civilian providers are the only Military Privacy Rule exceptions. - Answers -
•FALSE
Access to a Soldier's medical record can be denied. - Answers - •TRUE
If a Soldier's record contains psychotherapy notes, a request to review their medical
record can be denied. - Answers - •TRUE
