Kinn’s Medical Assistant 15th edition
Ch. 4 Test Bank Questions and
Answers Correctly Solved 2025\2026
Latest Update.
Policies - Answer written principals that provide goals for employees and the facility
Procedures - Answer step by step directions that provide a consistent and repetitive approach
to accomplishing a goal
state preemption - Answer if a state's privacy laws are stricter than HIPAA privacy standards,
the state laws take precedence
privacy - Answer the right of people not to reveal information about themselves
Confidentiality - Answer the legally protected right of patients to have their personal and
medical information kept private
HIPAA (Health Insurance Portability and Accountability Act) - Answer a federal law that sets
standards for protecting the privacy of patients' health information
HHS (U.S. Department of Health and Human Services) - Answer responsible for developing the
specific requirements of the law
OCR - Answer Office for Civil Rights, enforces HIPAA
HIPAA standard 1 - Answer Transactions and Code Sets, current procedural terminology (CPT)
is used to code procedures and services
HIPAA standard 2 - Answer Related to the privacy rule, healthcare facilities, insurance
companies and others need to protect written, electronic and oral patient health info
HIPAA standard 3 - Answer related to the Security Rule, healthcare facilities, insurance
, Covered entities - Answer Healthcare providers, insurance providers and policies, dentists,
clinics, medicare and medicade
Protected Health Information (PHI) - Answer Any information about health status, provision of
health care, or payment for health care that can be linked to an individual. This is interpreted
rather broadly and includes any part of a patient's medical record or payment history.
Business associate - Answer A person, who on behalf of the covered entity, performs or assists
in the performance of a function or activity involving the use or disclosure of individually
identifieable health information.
Permission - Answer a reason for releasing or disclosing patient info under HIPAA
De-identify - Answer to remove from health care transactions all information that identifies
patients
Limited data set - Answer protected health information from which certain patient identifiers
have been removed
Privacy Rule - Answer patients have the right to view their own medical records, as well as the
right to know who has accessed those records over the previous 6 years, and request
corrections if info is wrong
Doctrine of professional discretion - Answer A principle under which a physician can exercise
judgment as to whether to show patients who are being treated for mental or emotional
conditions their records. Disclosure depends on whether, in the physician's judgment, such
patients would be harmed by viewing the records.
Administrative safeguards - Answer Under HIPAA, are administrative actions and policies and
procedures, to manage the selection, development, implementation, and maintenance of
security measures to protect electronic protected health information and to manage the
conduct of the covered entity's or business associate's workforce
Physical safeguards - Answer Physical precautions used to protect assets and records. Facility,
workstation and device security must be implemented
Ch. 4 Test Bank Questions and
Answers Correctly Solved 2025\2026
Latest Update.
Policies - Answer written principals that provide goals for employees and the facility
Procedures - Answer step by step directions that provide a consistent and repetitive approach
to accomplishing a goal
state preemption - Answer if a state's privacy laws are stricter than HIPAA privacy standards,
the state laws take precedence
privacy - Answer the right of people not to reveal information about themselves
Confidentiality - Answer the legally protected right of patients to have their personal and
medical information kept private
HIPAA (Health Insurance Portability and Accountability Act) - Answer a federal law that sets
standards for protecting the privacy of patients' health information
HHS (U.S. Department of Health and Human Services) - Answer responsible for developing the
specific requirements of the law
OCR - Answer Office for Civil Rights, enforces HIPAA
HIPAA standard 1 - Answer Transactions and Code Sets, current procedural terminology (CPT)
is used to code procedures and services
HIPAA standard 2 - Answer Related to the privacy rule, healthcare facilities, insurance
companies and others need to protect written, electronic and oral patient health info
HIPAA standard 3 - Answer related to the Security Rule, healthcare facilities, insurance
, Covered entities - Answer Healthcare providers, insurance providers and policies, dentists,
clinics, medicare and medicade
Protected Health Information (PHI) - Answer Any information about health status, provision of
health care, or payment for health care that can be linked to an individual. This is interpreted
rather broadly and includes any part of a patient's medical record or payment history.
Business associate - Answer A person, who on behalf of the covered entity, performs or assists
in the performance of a function or activity involving the use or disclosure of individually
identifieable health information.
Permission - Answer a reason for releasing or disclosing patient info under HIPAA
De-identify - Answer to remove from health care transactions all information that identifies
patients
Limited data set - Answer protected health information from which certain patient identifiers
have been removed
Privacy Rule - Answer patients have the right to view their own medical records, as well as the
right to know who has accessed those records over the previous 6 years, and request
corrections if info is wrong
Doctrine of professional discretion - Answer A principle under which a physician can exercise
judgment as to whether to show patients who are being treated for mental or emotional
conditions their records. Disclosure depends on whether, in the physician's judgment, such
patients would be harmed by viewing the records.
Administrative safeguards - Answer Under HIPAA, are administrative actions and policies and
procedures, to manage the selection, development, implementation, and maintenance of
security measures to protect electronic protected health information and to manage the
conduct of the covered entity's or business associate's workforce
Physical safeguards - Answer Physical precautions used to protect assets and records. Facility,
workstation and device security must be implemented
