HIPAA and Privacy Act Training (2022)| WITH COMPLETE SOLUTIONS
Which of the following would be considered PHI? Correct Answer: An individual's first and last
name and the medical diagnosis in a physician's progress report
A Privacy Impact Assessment (PIA) is an analysis of how information is handled: Correct
Answer: All of the above
Under the Privacy Act, individuals have the right to request amendments of their records
contained in a system of records. Correct Answer: True
Under HIPAA, a covered entity (CE) is defined as: Correct Answer: All of the above
The e-Government Act promotes the use of electronic government services by the public and
improves the use of information technology in the government. Correct Answer: True
What of the following are categories for punishing violations of federal health care laws? Correct
Answer: All of the above
Technical safeguards are: Correct Answer: Information technology and the associated policies
and procedures that are used to protect and control access to ePHI intrusion
An incidental use or disclosure is not a violation of the HIPAA Privacy Rule if the covered entity
(CE) has: Correct Answer: All of the above
A covered entity (CE) must have an established complaint process. Correct Answer: True
The HIPAA Security Rule applies to which of the following: Correct Answer: PHI transmitted
electronically
Which of the following are breach prevention best practices? Correct Answer: All of this above
Which of the following are examples of personally identifiable information (PII)? Correct
Answer: All of the above
HIPAA provides individuals with the right to request an accounting of disclosures of their PHI.
Correct Answer: True
If an individual believes that a DoD covered entity (CE) is not complying with HIPAA, he or she
may file a complaint with the: Correct Answer: All of the above
The minimum necessary standard: Correct Answer: All of the above
When must a breach be reported to the U.S. Computer Emergency Readiness Team? Correct
Answer: Within 1 hours of discovery
Which of the following would be considered PHI? Correct Answer: An individual's first and last
name and the medical diagnosis in a physician's progress report
A Privacy Impact Assessment (PIA) is an analysis of how information is handled: Correct
Answer: All of the above
Under the Privacy Act, individuals have the right to request amendments of their records
contained in a system of records. Correct Answer: True
Under HIPAA, a covered entity (CE) is defined as: Correct Answer: All of the above
The e-Government Act promotes the use of electronic government services by the public and
improves the use of information technology in the government. Correct Answer: True
What of the following are categories for punishing violations of federal health care laws? Correct
Answer: All of the above
Technical safeguards are: Correct Answer: Information technology and the associated policies
and procedures that are used to protect and control access to ePHI intrusion
An incidental use or disclosure is not a violation of the HIPAA Privacy Rule if the covered entity
(CE) has: Correct Answer: All of the above
A covered entity (CE) must have an established complaint process. Correct Answer: True
The HIPAA Security Rule applies to which of the following: Correct Answer: PHI transmitted
electronically
Which of the following are breach prevention best practices? Correct Answer: All of this above
Which of the following are examples of personally identifiable information (PII)? Correct
Answer: All of the above
HIPAA provides individuals with the right to request an accounting of disclosures of their PHI.
Correct Answer: True
If an individual believes that a DoD covered entity (CE) is not complying with HIPAA, he or she
may file a complaint with the: Correct Answer: All of the above
The minimum necessary standard: Correct Answer: All of the above
When must a breach be reported to the U.S. Computer Emergency Readiness Team? Correct
Answer: Within 1 hours of discovery
