Chapter 12 Quiz Answers Flashcards

1
Q

The purpose of the implementation specifications of the HIPAA Security Rule is to provide _______.
A. protection of patient information
B. instruction for implementation of standards
C. guidance for security training and education
D. sample policies and procedures for compliance

A

instruction for implementation of standards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
One of the four general requirements a covered entity must adhere to for compliance with the HIPAA Security Rule is to ensure the confidentiality, integrity and \_\_\_\_\_\_\_ of ePHI.
A. addressability
B. accuracy
C. availability
D. accountability
A

Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
The HIPAA Security Rule applies to which of the following covered entities?
A. Hospital that bills Medicare
B. Physician electronic billing company
C. BlueCross health insurance plan
D. All of the above
A

All of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Non-compliance with the HIPAA Security Rule can lead to _______.
A. Civil penalties
B. Criminal penalties
C. Both a and b
D. A maximum annual penalty of $1 million

A

Both a and b

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Copying data onto tapes and storing the tapes at a distant location is an example of ______.

a. Data Backup
b. Data Mapping
c. Data Recovery
d. Data Storage for Recovery

A

Data Backup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The capture of data by a hospital’s data security system that shows multiple invalid attempts to access the patients’ database is an example of what type of security control?

a. Audit trail
b. Access Control
c. Auto-Authentication
d. Override function

A

Audit Trail

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The HIPAA Security Rule contains the following safeguards except ______.

a. technical
b. administrative
c. physical
d. reliability

A

Reliability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The enforcement agency for the security rule is _________.

a. Office of the Inspector General
b. Centers for Medicare and Medicaid Services
c. Office of Civil Rights
d. Office of Management and Budget

A

Office for civil rights

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

With addressable standards, the covered entity may do all but which of the following?

a. implement the standard as written
b. implement an alternative standard
c. ignore the standard since it is addressable
d. determine the risk of not implementing is negligible

A

Ignore the standard since it is addressable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A nurse administrator who does not typically take call gets called in over the weekend to staff the emergency department. She does not have access to enter notes since this is not a part of her typical role. In order to meet the intent of the HIPAA Security Rule, the hospital policy should include _______.

a. a requirement for her to attend training before accessing ePHI.
b. a provision to allow her to share a password with another nurse.
c. a provision to allow her emergency access to the system.
d. a restriction on her ability to access ePHI.

A

A provision to allow her emergency access to the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly