answers
Question 1: The PHI of 600 patients in Tennessee was breached. Whom should
be notified?
a. HHS secretary
b. Patients involved
c. Media
d. All of the above✔✔Your Answer
All of the above
Feedback
All of these need to be notified.
Question 2: Which use/disclosure of PHI is allowed under the HIPAA Privacy
Rule?
a. Releasing information about a celebrity patient to the media
b. Requesting unnecessary information about a patient out of curiosity
c. Discussing a patient's case with a provider involved in the patient's care
d. Chatting about a patient w/ a provider not involved in the patient's
care✔✔Your Answer
Discussing a patient's case with a provider involved in the patient's care
Feedback
PHI should be disclosed only to those with a need to know, such as providers
involved in the patient's care.
Question 3: Which disclosure/use of PHI is allowed under the HIPAA Privacy
Rule?
, a. Releasing a patients PHI to the patient when he or she requests access
b. Releasing a patients PHI to the media when the media requests access
c. Releasing a patients PHI to the patient's best friend when the friend requests
access
d. Releasing a patients PHI to the patients co-workers when the co-workers
request access✔✔Your Answer
Releasing a patient's PHI to the patient when he or she requests access
Feedback
PHI must be released to a patient when he or she requests access. Friends, co-
workers, and the media should not be given access to PHI, unless the patient
provides clear, written permission.
Question 4: Which of the following is a technical safeguard for PHI?
a. Removing electronic PHI from media before media reuse
b. Ensuring that PHI sent electronically is not changed improperly
c. Controlling physical access to workstations
d. Authorizing and/or supervising employees who work w/ electronic
PHI✔✔Your Answer
Ensuring that PHI sent electronically is not changed improperly
Feedback
A technical safeguard for PHI required under HIPAA is integrity control:
measures for ensuring that 1) PHI sent electronically is not changed improperly
and 2) any improper changes will be detected.
Question 5: What is the civil penalty for unknowingly violating HIPAA?
a. $1000 to $50,000