HIPAA compliance study guide questions and answers 2025

PHI or (personal health information) is considered anything to identify the individual or a
reasonable basis to believe it can identify an individual - ANSWER True



When responding to a breach you should ensure to document all the steps taken to correct the
breach - ANSWER True



You must document any known violation of privacy - ANSWER True



A pharmacy is not considered a covered entity and does not have to follow HIPAA standards -
ANSWER False



A provider needed to share your healthcare information with another provider for your
treatment, it is appropriate to disclose the patient information only with the patient's expressed
permission or consent - ANSWER False



When did HIPAA become effective? - ANSWER 2003



Physical security measures that can be taken - ANSWER Locking up files, keeping computer
equipment behind locked doors, and positioning monitors so that they cannot be viewed by
passersby.



Technical security measures - ANSWER Encryption, automatic logoffs, & secret passwords



If breeches over this amount MUST be reported to the news media - ANSWER 500 patients