HIPAA (Chapter 5) Flashcards

1
Q

What does HIPAA stand for?

A

Health Insurance Portability and Accountability Act of 1996

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the intent of HIPAA?

A

Reduce administrative costs of health care.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

HIPAA is commonly associated with?

A

Privacy and Security rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What laws does HIPAA legislation encompass?

A

Availability, portability and renewability of health insurance.
Changes to fraud and abuse.
Tax.
Data and payment transmissions.
Application and enforcement of group health plan regulations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the Administrative Simplification Section of Title II

A

Development of standardized transaction standards for content and transmission of data.
NPI for all providers.
Privacy and Security rules to protect data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

When did the privacy rule from the DHSS become effective?

A

April 15, 2003

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

When did the security rule from the DHSS become effective?

A

April 20, 2005

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Privacy Rule essentials?

A

Individual patient controls.
Standard for access, use and disclosure of health information by providers/plans/clearing houses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Can state laws, when more strict, pre-empt HIPAA national/federal laws.

A

Yes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What does HITECH stand for?

A

Health Information Technology for Economical and Clinical Health.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What was HITECH for?

A

Standardization of Electronic Health Records

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What rules does HITECH include?

A

Notification of breaches of unsecured information.
Increases potential civil monetary penalties for violations.
Strengthened privacy rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the “Omnibus Rule”?

A

The final rule in 2013 that implemented statutory amendments under HITECH.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does HIPAA govern?

A

Use and disclosure of protected health information (PHI).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Who must comply with HIPAA regulations?

A

Covered entities directly and their business associates indirectly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a Covered Entity?

A

Health care providers that transmit any health information in electronic form, a health plan with more than 50 participants, and a clearinghouse that received, processes, and transmits health information for the purpose of payment.

17
Q

What is Protected Health Information (PHI)?

A

Individually identifiable health information that is created, collected or stored by a covered entity and maintained in electronic or any other form .

18
Q

What is the HIPAA Privacy General Rule?

A

A covered entity may not use or disclose PHI except as permitted or required.

19
Q

What are the Individual Rights under the Privacy Rule regarding their PHI

A

Access and obtain all records included in the designated record set;
Amend PHI
Obtain accounting/list of disclosures;
Receive a Notice of Privacy Practices;
Communications conducted in a confidential manner;
Restrict disclosure on certain uses and disclosure;
Right to file a complaint with OCR.

20
Q

What 3 elements are required for information to be considered PHI?

A

Information that describes past, present, or future health, condition, care treatment, of an individual, or payment for such care or treatment.
Reasonably identify individual.
Maintained in electronic or any other form.

21
Q

What is De-Identified information

A

Information that does not contain any of the 18 specific identifying characteristics that reasonably identify a person.

22
Q

Is the Covered Entity bound by the content in the Notice of Privacy

A

Yes - even if information in the notice is more restrictive than the regulation.

23
Q

If an initial encounter (episode of care) was by phone, how long does an entity have to mail the notice to the individual?

A

24 hours.
Scheduling an appointment is NOT considered an episode of care.

24
Q
A