Regulatory Compliance Terms: HIPAA (Terms) Flashcards
Covered Entity
A health plan, health care clearinghouse, or health care provider that transmits any health information in electronic form in connection with a HIPAA transaction.
Business Associate
An individual or organization that performs certain functions or activities on behalf of a covered entity that involve the use or disclosure of protected health information (PHI).
Protected Health Information (PHI)
Any information, including demographic data, that can be used to identify an individual and relates to the individual’s past, present, or future physical or mental health condition, health care services received, or payment for health care services. (ePHI = Electronic)
Notice of Privacy Practices
A document that a covered entity must provide to patients that explains how the entity will use and disclose PHI and the patient’s rights under HIPAA.
Breach
An impermissible use or disclosure of PHI that compromises the security or privacy of the information and poses a significant risk of financial, reputational, or other harm to the affected individual.
Breach Notification Rule
The HIPAA Breach Notification Rule requires covered entities to promptly notify individuals, the government, and sometimes the media in the event of a breach of protected health information.
Security Rule
A set of administrative, physical, and technical safeguards that covered entities and business associates must implement to protect the confidentiality, integrity, and availability of electronic PHI.
Privacy Rule
A set of national standards for the protection of certain health information.
Enforcement Rule
A set of rules that describes the process for investigating and resolving HIPAA violations and the penalties for non-compliance.