HIPAA

Question 1

What does HIPAA stand for?

Answer 1

Health Insurance Portability and Accountability Act

Question 2

True or False: HIPAA is a United States federal law.

Answer 2

True

Question 3

What is the primary goal of HIPAA?

Answer 3

To protect the privacy and security of health information

Question 4

What are the two main rules under HIPAA?

Answer 4

Privacy Rule and Security Rule

Question 5

Which entity enforces the HIPAA regulations?

Answer 5

Office for Civil Rights (OCR)

Question 6

What is considered protected health information (PHI) under HIPAA?

Answer 6

Any information that can be used to identify an individual’s health status or history

Question 7

True or False: Covered entities under HIPAA include healthcare providers, health plans, and healthcare clearinghouses.

Answer 7

True

Question 8

What is the minimum necessary rule under HIPAA?

Answer 8

Requires covered entities to only use or disclose the minimum necessary PHI

Question 9

What is the penalty for HIPAA violations?

Answer 9

Fines ranging from $100 to $50,000 per violation, up to $1.5 million per year

Question 10

What is a Business Associate Agreement (BAA) under HIPAA?

Answer 10

A contract between a covered entity and a business associate outlining how PHI will be protected

Question 11

What is the purpose of the HIPAA Breach Notification Rule?

Answer 11

To require covered entities to notify individuals affected by a breach of their PHI

Question 12

What is the deadline for reporting a breach of PHI under the HIPAA Breach Notification Rule?

Answer 12

Within 60 days of discovering the breach

Question 13

What are the three key elements of the Security Rule under HIPAA?

Answer 13

Administrative safeguards, physical safeguards, and technical safeguards

Question 14

True or False: The HIPAA Privacy Rule applies to all forms of PHI, regardless of the medium.

Answer 14

True

Question 15

What is the purpose of the HIPAA Security Rule?

Answer 15

To establish national standards for the protection of electronic PHI

Question 16

What is the difference between the HIPAA Privacy Rule and the HIPAA Security Rule?

Answer 16

Privacy Rule focuses on protecting the privacy of PHI, while Security Rule focuses on the security of electronic PHI

Question 17

What is the role of the HIPAA Privacy Officer within a covered entity?

Answer 17

To oversee the development and implementation of HIPAA privacy policies and procedures

Question 18

What is the purpose of the HIPAA Omnibus Rule?

Answer 18

To strengthen privacy and security protections for PHI under HIPAA

Question 19

What is the Safe Harbor method for de-identifying PHI under HIPAA?

Answer 19

Removing 18 specified identifiers from the health information

Question 20

What is the HIPAA Security Rule’s requirement for access controls?

Answer 20

Implement technical policies and procedures that allow only authorized persons to access electronic PHI

Question 21

What is the purpose of the HIPAA HITECH Act?

Answer 21

To promote the adoption and meaningful use of health information technology

Question 22

What is the HIPAA Privacy Rule’s requirement for individual rights?

Answer 22

To provide individuals with rights over their health information, including the right to access and amend their records

Question 23

What is the HIPAA Security Rule’s requirement for audit controls?

Answer 23

Implement hardware, software, and procedural mechanisms that record and examine activity in information systems

Question 24

What is the purpose of the HIPAA Enforcement Rule?

Answer 24

To establish procedures for investigations and hearings for HIPAA violations