PHI | HIPAA | Education | Breach | Access |
---|---|---|---|---|
False, HIPAA also applies to deceased individuals for 50 years after death
True or False: HIPAA only applies to living individuals
|
Health Information Portability and Accountability Act
What does HIPAA stand for?
|
Each individual who handles PHI
Who is required to have HIPAA compliance training?
|
An impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the PHI
Define Breach
|
Only when it is needed to do your job
When should PHI be accessed?
|
A person's name, DOB, physical address, phone numbers, email address, Social Security number, etc.
List 3 examples of PHI
|
The US Department of Health and Human Services through the Office of Civil Rights
Who enforces the HIPAA Privacy Rule?
|
Via fax, mail, or email to the Office for Civil Rights
Where can employees report any HIPAA concerns?
|
Staff who are not authorized to view PHI, failure to manage risks, theft of patient information from the records, sharing PHI online
What is considered a breach of HIPAA?
|
True, medical care providers may release information to other providers or entities that are participating in the patient's care
True or False: There are reasons to access PHI without consent
|
A signed release of information
What is required before releasing any PHI?
|
Overhearing a provider/MA conversation about another patient
What is an example of incidental disclosure?
|
True
True or False: HIPAA training is required for any new employees who will be working with PHI but have prior knowledge of HIPAA
|
True
True or False: There are exceptions to the breach notification requirements
|
They have the right to inspect or get a copy of their own PHI
What is the right of patients to their PHI?
|
The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral.
What is the Privacy Rule for PHI?
|
Any healthcare entity that electronically processes, stores, transmits, or receives medical records, claims, or remittances
What businesses must comply with HIPAA?
|
False
True or False: In the event of a conflict between HIPAA and state law, state law preempts HIPAA unless HIPAA is stricter
|
HIPAA violations can be the cause of breaches; only HIPAA breaches are reportable events
What is the difference between a violation and a breach?
|
True, only with medical power of attorney
True or False: Family members can access other family members' PHI
|
Appointment inquiries, employee and education records, wearable devices, health and fitness apps
What is PHI under HIPAA?
|
Fines can be up to $250,000 for violations or imprisonment up to 10 years for knowing abuse or misuse of individual health information.
What are the penalties for HIPAA non-compliance?
|
False
True or False: According to the Security Rule, it is never permissible to use the internet to transmit PHI
|
1-10 years
What is the minimum and maximum penalty for jail time?
|
No, you can request copies but cannot look up your own information in an EHR
Can a person look up their own medical records in an EHR system that they have access to?
|