Test your basic knowledge |

HIPAA

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Freedom from unauthorized intrusion
Privacy
Psychotherapy notes - information for legal proceedings - information exempted from disclosure under CLIA
Electronic transmission
Rule

2. Libel
false and malicious writing about another
comes on after a few idle seconds and the use of a privacy screen should be mandatory
Covered transactions
Ethical

3. Confidentiality

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

4. Criminal law
law concerned with public wrongs against society
improper performance of an otherwise lawful act. civil
a minor - rather than the parent - must sign the release of patient information
The body of laws made by states is their own statutory laws

5. Unlawful act done without permission.
Malfeasance
in order to maintain patient confidentiality - fax machines must be kept in areas not accessible to patients.
Limited data set
purpose - pride - patience - persistence - perspective

6. De-Identified Information
Medical data from which individual identifiers have been removed; also known as a redacted or blinded record.
Patient
Notice of Privacy Practices (NPP)
Duty; duty of care - Derelict; breach of the duty of care - Direct cause; legally recognizable injury occurs as a result of breach of care - Damage; wrongful activity must have been the cause

7. Professional Negligence
a minor - rather than the parent - must sign the release of patient information
Ethical
Regulations
malpractice

8. Policies and procedures use to protect electronic information from unauthorized access
U.S. goverment
Security
need to know
Examples of PHI

9. HIPAA compliance mandates that computer systems must be...
Standard
located in a secured and private space
individuals in their mid- to late teens who legally live outside of parents' or guardians' control
De-Identified Information

10. Ethics
Verification
concerns noncriminal disputes between private parties
the philosophical study of moral values and rules - conducts
Invasion of Privacy Publishing

11. Slander
false charges and malicious oral statements about someone
Verification
a minor - rather than the parent - must sign the release of patient information
human immunodeficiency virus/acquired immune deficiency syndrome (HIV/AIDS)

12. Protected Health Information (PHI)
a contract that comes about from the actions of the parties rather than words
Designated record set
Any information that would identify a patient (name - add - tele - DOB - SSN - email - med. rec. number - etc)
parent of a minor - legal guardian - Agent (patient selected on behalf in h/c power of attorney)

13. The ability to control access and protect information from accidental or intentional disclosure to unauthorized persons and from altercation - destruction - or loss
comes on after a few idle seconds and the use of a privacy screen should be mandatory
security rule
the philosophical study of moral values and rules - conducts
false and malicious writing about another

14. Business Associate Agreements applies to...
individuals such as cleaning staff and consultants who work in the office. These individuals do not need access to patient info but may come in contact while completing their duties
law concerned with public wrongs against society
also called biomedical ethics - the moral dilemmas and issues of advanced medicine and medical research
h/c workers --qualified people of organizations(perf. data processinf or transcript) -certain gov. auth. (pub health activities) -appropriate auth(protect vic. of abuse) -law enforcement officials or judicial orders

15. What information do patients NOT have access to?
Electronic transmission
Treatment - payment and health care operations (TPO)
Health Information
Psychotherapy notes - information for legal proceedings - information exempted from disclosure under CLIA

16. General exceptions for releasing patient information
security rule
Notice of Privacy Practices
Covered transactions
parent of a minor - legal guardian - Agent (patient selected on behalf in h/c power of attorney)

17. Protected health information from which certain patient identifiers have been removed
Rule
treatment - payment - & healthcare operations
generally only patient can auth release of own medical record - there are a few exceptions
Limited data set

18. The person recieving treatment
U.S. Department of Health and Human Services (HHS; established national standards for HIPAA) - Centers for Medicare and Medicaid Services (CMS; enforce insurance portability and transaction/code set requirements) - Office for Civil Rights (OCR; enfor
Patient
individuals in their mid- to late teens who legally live outside of parents' or guardians' control
illegal touching of another person

19. Who regulates HIPAA?
Limited data set
U.S. goverment
Insurance portability - administrative simplification - privacy and security
Covered entities

20. In order for a fax document to be HIPAA compliant...

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

21. Sending information over electronic networks.
Health Insurance Portability and Accountability Act of 1996 (passed by congress because of portability problems - also to protect PHI)
patient discharges doctor with letter - doctor formally withdraws from patient with a certified letter or patient no longer needs treatment
Patient
Electronic transmission

22. Transmission of information between two parties fro financial or administrative activities.
also called biomedical ethics - the moral dilemmas and issues of advanced medicine and medical research
a service company that recieves electronic or paper claims from the provider - checks and prepares them for processing - and transmits them in HIPAA-complaint format to the correct carriers
individuals such as cleaning staff and consultants who work in the office. These individuals do not need access to patient info but may come in contact while completing their duties
Transaction

23. IIHI
only those who meed to know should have access to patient information
law concerned with public wrongs against society
Individually Identifiable Health Information
De-Identified Information

24. Gunshot wound - child abuse - infectious diseases - required by law - law enforcement purposes.
Electronic data interchange
purpose - pride - patience - persistence - perspective
What types of disclosures do not require patient permission?
judge made law from decisions of a court - interpretation of constitution and statuatory law - often known as precedents

25. Advanced directives
in order to maintain patient confidentiality - fax machines must be kept in areas not accessible to patients.
allows patients to give directions to health care providers about treatment choices in circumstances in which the patient may no longer be able to provide that direction. There are two types: Living Will and Durable Power of Attorney
addresses portability of insurance coverage when employees change or lose their jobs
Electronic Protected Health Information

26. Electronic exchanges of information between two covered-entity business partners using HIPAA mandated transaction standards.
Medical data from which individual identifiers have been removed; also known as a redacted or blinded record.
Rule
Treatment - payment and health care operations (TPO)
Covered transactions

27. PII
Prohibits discrimination preventing indiviualds with physical or mental disabilities or chronic illness - from accessing public services & accomodations. Employers requires 'reasonable accommodation' be provided so they can perform duties.
Patient Identifiable Information
Individually Identifiable Health Information
Permission

28. Data must be backed up at ___________ and those back-up files should be stored ________.
Firewalls
regular - in a secure location
failure to act with the standard of care that a reasonable person would exercise under the same circumstances
Invasion of Privacy Publishing

29. HI
Health Information
Regulations
treatment - payment - & healthcare operations
Portability

30. Conforming to proper professional behavior
state laws setting time limit for bringing a lawsuit
Encryption
generally only patient can auth release of own medical record - there are a few exceptions
Ethical

31. Medical records used for health care research

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

32. Common law
Notice of Privacy Practices
must be reported to authorities by law
Individually Identifiable Health Information
judge made law from decisions of a court - interpretation of constitution and statuatory law - often known as precedents

33. Guidelines and standards made by government agencies and licensing boards that have the authority to enforce compliance
Malfeasance
Regulations
Encryption
concerned with mostly with h/c providers. It addresses fraud and abuse - administrative simplification and medical liability

34. The computer screen should have a screensaver that...
failure to act with the standard of care that a reasonable person would exercise under the same circumstances
it must have an accompanying disclaimer stating the fax information cannot be shared with any other party w/o patient's written consent
located in a secured and private space
comes on after a few idle seconds and the use of a privacy screen should be mandatory

35. 5P's of ethical power
regular - in a secure location
Regulations
Tort
purpose - pride - patience - persistence - perspective

36. HIPAA states...
Code sets
state law that protects healthcare professionals from liability when they provide emergency assistance/services within their scope of training
may be disclosed to public health agencies - patient identifiers are removed so it's covered by HIPAA
only those who meed to know should have access to patient information

37. Protecting healthcare coverage for employees who change jobs - allowing them to continue existing plans with a new employer.
Designated record set
Portability
Patient Identifiable Information
it must have an accompanying disclaimer stating the fax information cannot be shared with any other party w/o patient's written consent

38. Any wrongdoing for which an action for damages may be brought
Security
Tort
Health Information
U.S. Department of Health and Human Services (HHS; established national standards for HIPAA) - Centers for Medicare and Medicaid Services (CMS; enforce insurance portability and transaction/code set requirements) - Office for Civil Rights (OCR; enfor

39. Releasing patient information
substance abuse treatment
Invasion of Privacy Publishing
Psychotherapy notes - information for legal proceedings - information exempted from disclosure under CLIA
generally only patient can auth release of own medical record - there are a few exceptions

40. Battery
Designated record set
Rule
illegal touching of another person
State preemption

41. TPO
concerns noncriminal disputes between private parties
Encryption
Electronic data interchange
treatment - payment - & healthcare operations

42. Treatment means that a health care provider can provide care; payment means that a provider can disclose PHI to be reimbursed; health care operations refers to HIPAA approved activities and transactions.
only those who meed to know should have access to patient information
should never be released w/o a patient's signed consent or court order
Treatment - payment and health care operations (TPO)
Covered transactions

43. Coded information that can't be read until is decoded.
What types of disclosures do not require patient permission?
Portability
Encryption
h/c workers --qualified people of organizations(perf. data processinf or transcript) -certain gov. auth. (pub health activities) -appropriate auth(protect vic. of abuse) -law enforcement officials or judicial orders

44. Federal law protects patient records dealing with...
illegal touching of another person
substance abuse treatment
located in a secured and private space
Ethical

45. Any set of codes use to encode health care data elements.
Verification
Code sets
Treatment - payment and health care operations (TPO)
may be disclosed to public health agencies - patient identifiers are removed so it's covered by HIPAA

46. Good samaritan law
located in a secured and private space
state law that protects healthcare professionals from liability when they provide emergency assistance/services within their scope of training
failure to act with the standard of care that a reasonable person would exercise under the same circumstances
A written set of questions requiring written answers from a plaintiff or defendant under oath

47. Implied contract
need to know
U.S. Department of Health and Human Services (HHS; established national standards for HIPAA) - Centers for Medicare and Medicaid Services (CMS; enforce insurance portability and transaction/code set requirements) - Office for Civil Rights (OCR; enfor
a contract that comes about from the actions of the parties rather than words
What types of disclosures do not require patient permission?

48. NPP
Notice of Privacy Practices (NPP)
U.S. goverment
Notice of Privacy Practices
parent of a minor - legal guardian - Agent (patient selected on behalf in h/c power of attorney)

49. Fax Machines and HIPAA
illegal touching of another person
Encryption
in order to maintain patient confidentiality - fax machines must be kept in areas not accessible to patients.
only those who meed to know should have access to patient information

50. Negligence
failure to act with the standard of care that a reasonable person would exercise under the same circumstances
treatment - payment - & healthcare operations
Security
concerns noncriminal disputes between private parties