HIPAA Exam Questions and Answers 100% Pass

HIPAA Exam Questions and Answers 100% Pass HIPAA - Answer- The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, was enacted on August 21, 1996. Sections 261 through 264 of HIPAA require the Secretary of HHS to publicize standards for the electronic exchange, privacy and security of health information. Collectively these are known as the Administrative Simplification provisions. Who is covered by the HIPAA Privacy Rule? - Answer- The Privacy Rule, as well as all the Administrative Simplification rules, apply to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA (the "covered entities"). Covered entities - Answer- Healthcare clearinghouses, health plans and healthcare providers Business associate - Answer- A business associate is a person or organization, other than a member of a covered entity's workforce, that performs certain functions or activities on behalf of, or provides certain services to, a covered entity that involve the use or disclosure of individually identifiable health information. Business associate functions or activities on behalf of a covered entity include claims processing, data analysis, utilization review, and billing. Business associate services to a covered entity are limited to legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services. What information is protected by HIPAA? - Answer- Protected Health Information (PHI). The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. What is the purpose of the Privacy Rule? - Answer- The major purpose of the Privacy Rule is to define and limit the circumstances in which an individual's protected heath information may be used or disclosed by covered entities. A covered entity may not use or disclose protected health information, except either: (1) as the Privacy Rule permits or requires; or (2) as the individual who is the subject of the information (or the individual's personal representative) authorizes in writing. Permitted uses and disclosures of PHI - Answer- A covered entity is permitted, but not required, to use and disclose protected health information, without an individual's authorization, for the following purposes or situations: (1) To the Individual (unless required for access or accounting of disclosures) (2) Treatment, Payment, and Health CareOperations (3) Opportunity to Agree or Object (4) Incident to an otherwise permitted use and disclosure (5) Public Interest and Benefit Activities (6) Limited Data Set for the purposes of research, public health or health care operations. When is authorization required to use or disclose an individual's PHI? - Answer- A covered entity must obtain the individual's written authorization for any use or disclosure of protected health information that is not for treatment, payment or health care operations or otherwise permitted or required by the Privacy Rule. Do psychotherapy notes require authorization? - Answer- A covered entity must obtain an individual's authorization to use or disclose psychotherapy notes with the following exceptions: • The covered entity who originated the notes may use them for treatment. • A covered entity may use or disclose, without an individual's authorization, the psychotherapy notes, for its own training, and to defend itself in legal proceedings brought by the individual, for HHS to investigate or dete