<div>HIPAA Training</div> <div> </div> <div> </div> <div>After you have attended HIPAA Training, either in-person, remotely or by watching the recorded video, complete this quiz. A score of 80% (or 16 correct answers) is necessary to complete your HIPAA training. If you do not achieve 80% on your first try, please re-watch the training video and take the quiz again. </div> | Take the Quiz

2. Jenny, a pediatric nurse, needs to report lab results to the mother of a 3-year-old child who is sitting in the waiting room. She sticks her head through the waiting room door and says, "Good news. The lab results are normal." Is this a privacy breach?

Yes

5. TPO stands for: (Hint: Think "HIPAA Buckets")

Therapy, Patient, Outcome

Treatment, Payment, Operation

Training, Participation, Organization

6. PHI can never be released for any reason except TPO (treatment, payment, operations).

True

False

7. Charlie works at a medical center and is responsible for entering billing data into the computer system. He looks at this mother-in-law's medical records, because he is concerned that she has not been fully honest with her family about some recent health problems. Since he has been HIPAA trained, is this a breach of privacy?

Yes

8. ________ requires that individuals and federal officials be notified when a breach or potential breach of PHI Privacy or Security regulations has occurred.

HIPAA

AARA

9. Bill, a billing employee, receives and opens an email containing PHI which a nurse, Nancy mistakenly sent to him. Bill notices that he is not the intended recipient, alerts Nancy to the misdirected email, and deletes it. Was this a breach of PHI?

Yes

10. Rhonda is a receptionist for a covered entity, and, due to her work responsibilities, she is not authorized to access PHI. Rhonda decides to look through patient files to learn about a friend's last visit to the doctor. Does Rhonda's action constitute a breach?

Yes

11. Rob, a research assistant, wanted to get ahead on some statistical work, so he copied the information from 240 research participants to his thumb drive. The information included PHI, and the thumb drive was not encrypted. On his way home to continue his work, he stopped by the store to get some snacks. When he returned to his car, he found it had been broken into. Missing were his GPS, dozens of CDs, and his book bag containing the thumb drive. Does this event constitute a breach?

Yes

12. If you suspect that there has been a breach of HIPAA policies in your workplace, you should report your suspicions to:

Police

Legal Counsel

Security Officer in your workplace

13. Once employees have completed HIPAA training, their access to PHI is:

Based on work duties and responsibilities

Limited to the minimum necessary information to complete required work

Both

14. Is it acceptable to share your computer password with your fellow employees if they have received HIPAA training?

Yes

15. Your office computer is being replaced. You should -

Delete all files that might contain sensitive information

Have the computer sent to surplus for secure storage

Contact Operations to initiate steps to sanitize the computer

16. The monetary penalties for improperly disclosing Patient Health Information can be as high as:

$500,000

$125,000

$250,000

$1,500,000

17. PHI stands for:

Patient Health Information

Provider Health Information

Protected Health Information

None of the Above

18. If someone forgets his/her log-in ID, can I let him/her use mine?

Yes, if he/she is an employee and you know him.

Yes, if your manager says that's okay.

No, sharing log-in IDs and passwords is a security violation.

19. Should I report a security or privacy violation?

No, that is a task for the police.

Yes, but only the really serious ones.

Yes, all workforce members have a responsibility to report suspected and actual violations.

20. ____________ is defined as an impermissible disclosure of PHI that compromises the security of the privacy of the patient.

Notice of Privacy Practices

Disclosure

Breach

Data Directory

More Quizzes