HIPAA EXAM QUESTIONS & ANSWERS
When does state privacy law supersede HIPAA? - Answers - When state privacy law is
more protective than HIPAA
Which of the following is NOT an example of physical security? - Answers - Data
encryption
De-Identification refers to ensuring that all of the individually identifiable information is
identified and included in any HIPAA standard transaction. - Answers - False
The five titles under HIPAA fall logically into which two major categories: - Answers -
Administrative Simplification and Insurance Reform
Which standard is for controlling and safeguarding of PHI in all forms? - Answers -
Privacy Standards
Within HIPAA how does Security differ from Privacy? - Answers - Security defines
safeguards for ePHI versus Privacy which defines safeguards for PHI
Which of the following are requirements associated with the Notice of Privacy
Practices? - Answers - All of the above
The HIPAA Security Rule is a technology neutral, federally mandated "floor" of
protection whose primary objective is to protect the confidentiality, integrity, and
availability of individually identifiable health information in electronic form when it is
stored, maintained, or transmitted. - Answers - True
An authorization is required for which of the following? - Answers - Non-routine
disclosures
Which of these entities could be considered a business associate? - Answers - All of
the above
Who enforces HIPAA? - Answers - Department of Health and Human Services
The Security Rule allows covered entities and business associates to take into account:
- Answers - All of the above
Of the following, which are implications of non-compliance with HIPAA? - Answers - All
of the above
Which of the following statements is accurate regarding the "Minimum Necessary" rule
in the HIPAA regulations? - Answers - Covered entities and business associates are
required to limit the use or disclosure of PHI to the minimum necessary to accomplish
the intended or specified purpose.
What does PHI stand for? - Answers - Protected Health Information
What is transforming information via an algorithm to make it unreadable to anyone who
does not possess the decryption information required to read it? - Answers -
Encryption
What is a document that explains to patients how their PHI may be used and
disclosed? - Answers - Notice of Privacy Practices (NOPP)
What does HIPAA stand for? - Answers - Health Insurance Portability and
Accountability Act
What are the primary goals of HIPAA? - Answers - To improve the portability and
continuity of healthcare coverage
Under HIPAA what must health care providers ensure is always maintained? - Answers
- Patient Confidentiality
What is controlled by HIPAA for covered entities' use and disclosure? - Answers -
Protected Health Information (PHI)
What is considered an unauthorized disclosure? - Answers - Invasion of Privacy
How many provisions of HIPAA are there? - Answers - 2
What is Title I of HIPAA called? - Answers - Health Insurance Reform
What regulates many types of health insurance? - Answers - State Law
Who regulates employer-offered health plans? - Answers - federal Employee
Retirement Income and Security Act of 1974 (ERISA)
What allows employees who are leaving a job to elect to continue their previous
employer's health coverage for a limited time? - Answers - Consolidated Omnibus
Budget Reconciliation Act of 1985 (COBRA)
What is Title II of HIPAA called? - Answers - Administrative Simplification
What restricted electronic transfer of healthcare data, gave patients more rights
regarding their own personal health information, and put in place better security of this
information? - Answers - Title II of HIPAA
What was encouraged so routine business information could be exchanged
between computers? - Answers - Electronic Data Interchange (EDI)