Healthcare Laws

Question 1

Reasons for healthcare laws

Answer 1

ones sense of self may be violated

more willing to be open about their issues

protects medical records of employees from the risk of unequal treatment

Question 2

Initial purpose of Health insurance and portability act

Answer 2

improving efficiency in healthcare delivery

Question 3

Government entity that published regulations to protect healthcare privacy

Answer 3

Department of health and human services

Question 4

Covered Entities

Answer 4

Healthcare providers (hospitals, doctors), health care plans (insurers), clearing houses (where records are stored)

Question 5

Misconception of entities that are covered

Answer 5

individuals seeking medical information via bookstore; medical
information websites, like WebMD; and health-related apps and wearables are not covered

Question 6

A covered entity may share protected health information with BLANK to help the covered entity carry out its health care functions, provided it puts in place a contract with specified safeguards

Answer 6

Business associates (think of like processors/suppliers)

Question 7

True/False: HIPAA does not preempt stricter state laws

Answer 7

True

Question 8

Protected Health Information

Answer 8

Individually identifiable health
information that is transmitted or
maintained in any form.

Question 9

Types of penalties for HIPAA offenses

Answer 9

Criminal and civil

Question 10

Types of offenses

Answer 10

If an individual knowingly, and in violation of HIPAA
1) uses or causes to be used a unique health identifier,
2) obtains individually identifiable health information (IIHI) or
3) discloses IIHI to
another person

Question 11

Electronic PHI

Answer 11

PHI that is transmitted or maintained in electronic media, not including paper records, paper-to-paper fax or
voice

Question 12

Disclosures under HIPAA require this

Answer 12

Opt-in authorization

Question 13

Must provide this at date of first service delivery

Answer 13

Privacy notice

Question 14

Individual rights under HIPAA

Answer 14

Access, copy, and amend their PHI

Question 15

Restrictions and use of deidentified health information

Answer 15

There are no restrictions on the use of deidentified health information provided
it neither identifies nor provides a reasonable basis to identify an individual

Question 16

True/False: Research can occur with or without consent if an authorized entity approves it

Answer 16

True

Question 17

Other reasons PHI can be shared without consent

Answer 17

reporting abuse or neglect, judicial
and administrative proceedings, to prevent or lessen a serious threat to health and safety, and for specialized
government functions

Question 18

Health information portability and accountability act security rule requirements

Answer 18

Identify an individual responsible for implementation and oversight of Security Rule compliance

Conduct initial and ongoing risk assessments of potential risks and vulnerabilities of ePHI

Implement security awareness and training program for workforce

Question 19

Health Information Portability and Accountability Act Privacy Rule requirements

Answer 19

Covered Entities must designate a privacy official who is responsible for the development and implementation
of privacy protections

Personnel must be trained

Complaint procedures must be in place

Question 20

True/False: The privacy and security rules must be maintained by separate people

Answer 20

False

Question 21

Breach definition under health information portability and accountability act

Answer 21

impermissible use or disclosure under the privacy rule that compromises the security or privacy of the protected health information

Question 22

Who must breach notifications be sent to (if certain thresholds are met)

Answer 22

affected individuals
media
HHS secretary

Question 23

HIPAA breach notification exceptions:

Answer 23

1. The information was unintentionally acquired, accessed or used by a workforce member acting under the
   authority of a covered entity or business associate and made in good faith and within the scope of
   authority
2. The information was accidently disclosed between two authorized individuals
3. It is believed that the unauthorized person who saw the information would not have been able to retain
   it

Question 24

What is the purpose of the genetic information nondiscrimination act?

Answer 24

Creates national limits on the use of genetic information in health insurance and employment

Question 25

What HIPAA revision did the genetic information nondiscriminatory act direct the HHS secretary to make?

Answer 25

to include genetic information in the definition of PHI

Question 26

Genetic health nondiscriminatory act prevents insurers from

Answer 26

Implementing higher premiums based on genetic tests

Using genetic predisposition to deny coverage based on a preexisting condition

Question 27

Genetic health nondiscriminatory act prohibits employment discrimination based on genetic information, including:

Answer 27

Unions and training programs
• Family members who have manifested a disease
• Requirements or requests for genetic information

Question 28

Health information technology for economic and clinical health act of 2007 purpose

Answer 28

Extends direct liability to business associates for compliance with certain provisions of the HIPAA Rules

Question 29

The Comprehensive Alcohol Abuse and Alcoholism Prevention, Treatment and Rehabilitation Act was adopted to:

Answer 29

prompt privacy protections for people seeking medical care for alcohol and substance abuse

Question 30

True/False: Comprehensive alcohol abuse and alcoholism prevention, treatment, and rehab act preempts state laws

Answer 30

False

Question 31

Comprehensive alcohol abuse and alcoholism prevention, treatment, and rehab act preempts state laws SCOPE

Answer 31

• Use and disclosure of patient-identifying information

* Restricts using information that could lead to criminal charges

Question 32

Comprehensive Alcohol Abuse and Alcoholism Prevention, Treatment and Rehabilitation Act applicability

Answer 32

Federally funded programs

May apply to other entities that:
• Are required by state licensing
• Use controlled substances that require licensing through the U.S. DEA

Question 33

Comprehensive Alcohol Abuse and Alcoholism Prevention, Treatment and Rehabilitation Act disclosure exceptions

Answer 33

Emergencies, research, evaluations, crimes on premises or against
personnel, child abuse reporting, court orders

Question 34

Cures Act privacy provisions:

Answer 34

Exempts mandatory disclosure of individual biomedical research information under the Freedom of
Information Act
• Researchers are allowed to remotely review PHI under HIPAA Rules
• Prohibits information-blocking that would interfere with the exchange of electronic health information
• Requires “Certificates of Confidentiality” for research, particularly for those with alcohol and/or
substance abuse issues
• Provides guidelines for permissible “compassionate” sharing of mental health or substance abuse
information with family or caregivers

Question 35

Which act is intended to
expedite the research process
for medical devices and
prescription drugs?

Answer 35

21st Century Cures Act