HIPAA
HIPAA (3) - correct answer ✔- allows people to carry insurance from one
employer to another and to protect the privacy of their medical records while
allowing the flow of information in order to provide high quality health care
- HIPAA describes steps that must be taken to secure confidential electronic
protected health info from unintended disclosure through security breaches
- Limits the circumstances in which an individual's PHI (protected health
information) may be used or disclosed y many different organizations
Covered Entities (CEs) (3) - correct answer ✔- Organizations that handle
PHI as part of their business e.g. doctors, dentists, hospitals, pharmacies,
government programs that pay for healthcare, behavioral health centers
- If you work for a CE, you must comply with HIPAA
- They're only allowed to release that info if you sign consent forms
HIPAA requires organizations to (8) - correct answer ✔1. Provide a privacy
notice that explains their privacy policy
2. Safeguard individual's health information when we store or transmit it
3. Provide individuals access to their own health information as required by
HIPAA
4. Obtain a valid, signed authorization form to disclose health information to
third parties
5. Request, use, or disclose health information only as permitted by HIPAA
6. Provide training to employees on privacy policies and procedures
7. Keep records in a locked and secured setting
8. Shred rather than throw documents away
, Business associates (BA) (3) - correct answer ✔- Persons or entities who
perform functions on behalf of, or provide certain services to, a CE that
involve PHI
- Responsible for carrying out contractual obligations and are directly liable for
certain HIPAA violations.
- All BAs must enter into a contract with a CE to ensure that they understand
the responsibility of safeguarding PHI
BA's responsibilities of safeguarding PHI (6) - correct answer ✔• An
answering service
• Billing company
• Shredding company
• Data warehouse
• Document storage vendor
• Accountants and lawyers
PHI - correct answer ✔protected health information
Health information that is oral, electronic, or on paper and identifies or could
be used to identify an individual
It is created or received by a healthcare provider, health plan, employer, or
healthcare clearing house and relates to:
- An individual's past, present, or future physical and mental health
- The provision of healthcare of an individual
- The past, present and future payment for healthcare that identifies an
individual
HIPAA (3) - correct answer ✔- allows people to carry insurance from one
employer to another and to protect the privacy of their medical records while
allowing the flow of information in order to provide high quality health care
- HIPAA describes steps that must be taken to secure confidential electronic
protected health info from unintended disclosure through security breaches
- Limits the circumstances in which an individual's PHI (protected health
information) may be used or disclosed y many different organizations
Covered Entities (CEs) (3) - correct answer ✔- Organizations that handle
PHI as part of their business e.g. doctors, dentists, hospitals, pharmacies,
government programs that pay for healthcare, behavioral health centers
- If you work for a CE, you must comply with HIPAA
- They're only allowed to release that info if you sign consent forms
HIPAA requires organizations to (8) - correct answer ✔1. Provide a privacy
notice that explains their privacy policy
2. Safeguard individual's health information when we store or transmit it
3. Provide individuals access to their own health information as required by
HIPAA
4. Obtain a valid, signed authorization form to disclose health information to
third parties
5. Request, use, or disclose health information only as permitted by HIPAA
6. Provide training to employees on privacy policies and procedures
7. Keep records in a locked and secured setting
8. Shred rather than throw documents away
, Business associates (BA) (3) - correct answer ✔- Persons or entities who
perform functions on behalf of, or provide certain services to, a CE that
involve PHI
- Responsible for carrying out contractual obligations and are directly liable for
certain HIPAA violations.
- All BAs must enter into a contract with a CE to ensure that they understand
the responsibility of safeguarding PHI
BA's responsibilities of safeguarding PHI (6) - correct answer ✔• An
answering service
• Billing company
• Shredding company
• Data warehouse
• Document storage vendor
• Accountants and lawyers
PHI - correct answer ✔protected health information
Health information that is oral, electronic, or on paper and identifies or could
be used to identify an individual
It is created or received by a healthcare provider, health plan, employer, or
healthcare clearing house and relates to:
- An individual's past, present, or future physical and mental health
- The provision of healthcare of an individual
- The past, present and future payment for healthcare that identifies an
individual
