Ems Hipaa Awareness Examination
Question: Every breach must be reported unless _______________.
Answer: it can be demonstrated that there is a “low probability” that PHI was compromised
Question: An intern has just started a new job for a local medical office. She has only been there a week, and leaves her desk to ask her boss a question. Which software safeguard should she follow to ensure the security of ePHI?
Answer: The intern should be aware of who can view the screen and take steps to prevent unauthorized persons from viewing information.
Question: After visiting a local health clinic, a young woman believes that patients’ rights are not being protected after she sees an elderly man be denied after asking to see his health records. In this case, who has the right to file a complaint?
Answer: Either the young woman or the elderly man may file a complaint because anyone may file if they believe the rights of a patient are denied.
Question: In HIPAA, consent differs from authorization because consent is _______________ while authorization is not (although state laws may differ).
Answer: voluntary
Question: Which of the following rights do patients have according to the HIPAA Privacy Rule?
Answer: Patients can ask for a report on when and why their information was shared.
Question: A patient requests access to their health information, which is maintained and accessible on-site. Within how many days should you act on this request?
Answer: 30 days
Question: You are sending a document that contains PHI via fax. To help ensure that PHI is not compromised it is recommended that _______________.
Answer: you include a cover sheet that contains a confidentiality statement
Question: The HIPAA Privacy Rule provides patients the right to request _______________.
Answer: that their PHI be amended
Question: If a patient requests that the use and/or disclosure of their PHI be restricted, you must _______________.
Answer: deny or agree to the request, but if you agree you are bound by the restrictions
Question: According to HIPAA, the Notice of Privacy Practices (NPP) provided to patients must state that _______________.
Answer: PHI may be used/disclosed to contact an individual for fundraising purposes and individuals can opt out of such communication