A business associate contract is required between a covered entity and business associate if protected health information (PHI) will be shared between the two.
answer
True
question
Which of the following is true regarding a business associate contract?
answer
All of the Above
question
A business associate contract must specify the following:
answer
The PHI to be disclosed and the uses that may be made of that information
question
All of the following are true about business associate contracts EXCEPT?
answer
Business associates are NOT required to obtain "satisfactory assurances" (i.e., that their PHI will be protected as required by HIPAA law) from their subcontractors
question
In which of the following situation is a business associate contract NOT required
answer
All of the Above
question
The administrative requirements of HIPAA privacy include all of the following EXCEPT
answer
Using a firewall to protect against hackers
question
Match the following components of complying with HIPAA privacy with their descriptions
answer
Compliance Officer: an organization must designate an individual to take responsibility for implementing and overseeing HIPAA privacy compliance at the...
Employee Training: An organization must train all of its workforce that have access to PHI on a HIPAA awareness training and at a minimum of 2 years...
Formal Documents and Controls: An organization must implement formal documents and controls to protect PHI that the organization has access to or maintains.
question
Who must comply with the security rule
answer
Any person or organization that stores, maintains or transmits individually identifiable health information electronically
question
Business associates are required to sign Business Associate Contracts with which of the following
answer
Healthcare providers, health insurance carriers, employer group health plans, and healthcare clearinghouses
question
Which standard is for controlling and safeguarding of PHI in all forms
answer
Privacy Standards
question
Which of these entities is NOT considered a covered entity
answer
Business Associates
question
Which of the following is NOT an example of health care plans
answer
Healthcare provider
question
Which of the following is NOT a requirement of the HIPAA privacy standards
answer
Internet firewalls to ensure that hackers don't steal patient health information
question
What is the purpose of Technical security safeguards
answer
To protect data and control access to it
question
For which of the following is a business associate contract NOT required
answer
Both A & C
question
An authorization is required for which of the following
answer
Non-routine disclosures
question
The purpose of administrative simplification is all of the following EXCEPT
answer
Allow individuals to transfer jobs and not be denied health insurance because of pre-existing conditions
question
The security rule's requirements are organized into which of the following three categories
answer
Administrative, Physical, and Technical safeguards
question
What is a key to success for HIPAA compliance
answer
Education
question
The security rule allows covered entities and business associates to take into account all of the following EXCEPT
answer
Their corporate status
question
Business Associates must comply with the HIPAA privacy standards
answer
If they routinely use, create, or distribute protected health information on behalf of a covered entity
question
Which of these entities could be considered a business associate
answer
Insurance broker
question
The HIPAA security rule is
answer
a technology neutral, federally mandated "floor" of protections whose primary objective is to protect the confidentiality, integrity, and availability of individually identifiable health information in electronic form when it is stored, maintained, or transmitted
question
Within HIPAA how does security differ from privacy
answer
Security defines safeguards for ePHI versus Privacy which defines safeguards for PHI
question
The acronym HIPAA stands for
answer
Health Insurance Portability and Accountability Act
question
If a Business Associate discovers that protected health information (PHI) was improperly used or disclosed, what are they obligated to do
answer
Notify the Covered Entity
question
What does PHI stand for
answer
Protected Health Information
question
Which of the following is NOT an example of physical security
answer
Data Encryption
question
Which of the following statements is accurate regarding the 'minimum necessary' rule in the HIPAA regulations
answer
Covered entities and business associates are required to limit the use or disclosure of PHI to the minimum necessary to accomplish the intended or specified purpose
question
The Privacy and Security rules specified by HIPAA are
answer
reasonable and scalable to account for the nature of each organization's culture, size, and resources. Each organization will determine its own privacy policies and security practices within the context of the HIPAA requirements and its own capabilities and needs
question
Who enforces HIPAA
answer
Department of Health and Human Services
question
Penalties for non-compliance can be which of the following types
answer
Civil and Criminal
question
The Omnibus Rule was meant to strengthen and modernize HIPAA by incorporating provisions of the HITECH Act (Health Information Technology for Economic and Clinical Health Act) as well as finalizing, clarifying, and providing detailed guidance on many previous aspects of HIPAA
answer
True
question
Business Associates are NOT permitted to
answer
disclose protected health information outside of what is specified in the Business Associate Contract and the HIPAA regulations
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy
