HIPPA
The HIPAA Security Rule establishes national standards to protect individuals'
______ that is created, received, used, or maintained by a covered entity or
business associate. - correct answer ✔electronic personal health information
The Security Rule requires covered entities to maintain reasonable and
appropriate _____ for protecting e-PHI. - correct answer ✔administrative,
technical, and physical safeguards
Does this description represent Required or Addressable according to the
Security Rule?
The given standard is mandatory and, therefore, must be complied with. -
correct answer ✔Required
Which of the following are administrative safeguards according to HIPAA's
Security Rule: (mark 3 of the 4 options) - correct answer ✔Assign a privacy
officer
Implement employee training
Review policies and procedures
Which of the following are technical safeguards according to HIPAA's Security
Rule: (Mark 3 of the 4 options) - correct answer ✔Assign a unique name
and/or number for identifying and tracking user identity
Establish (and implement as needed) procedures for obtaining necessary
ePHI during an emergency
, Implement a mechanism to encrypt and decrypt ePHI
Which of the following are physical safeguards according to HIPAA's Security
Rule: - correct answer ✔E. [all others]
Which is NOT considered best practices to meet HIPAA's Security Rule: -
correct answer ✔Do not set a timed lock-screen to avoid leaving live
computer/tablet/phone screens unattended
I work at a BA that manages billing for physicians. I took a screenshot of a
screen that showed some pieces of PHI and emailed it to our IT department
so they could help with an IT issue I am having. I am not sure if we have a
BAA with our email provider. - correct answer ✔B. Security Rule not met
In my office, the computers that have ePHI stored on them are all located in a
special room that has a key fob to enter. Only specific roles have access to
those key fobs. - correct answer ✔A. Security Rule met
I am reusing an old external hard drive at work. My boss said just delete all
the files on it and reuse it. - correct answer ✔B. Security Rule not met
The Privacy rule is a series of national regulations addressing how Protected
health information (PHI) can be _____ and _____. - correct answer ✔C.
shared; used
Which of these disclosures DOES require written authorization: - correct
answer ✔C. For any communication about a product or service that
encourages recipients to purchase or use the product or service
The HIPAA Security Rule establishes national standards to protect individuals'
______ that is created, received, used, or maintained by a covered entity or
business associate. - correct answer ✔electronic personal health information
The Security Rule requires covered entities to maintain reasonable and
appropriate _____ for protecting e-PHI. - correct answer ✔administrative,
technical, and physical safeguards
Does this description represent Required or Addressable according to the
Security Rule?
The given standard is mandatory and, therefore, must be complied with. -
correct answer ✔Required
Which of the following are administrative safeguards according to HIPAA's
Security Rule: (mark 3 of the 4 options) - correct answer ✔Assign a privacy
officer
Implement employee training
Review policies and procedures
Which of the following are technical safeguards according to HIPAA's Security
Rule: (Mark 3 of the 4 options) - correct answer ✔Assign a unique name
and/or number for identifying and tracking user identity
Establish (and implement as needed) procedures for obtaining necessary
ePHI during an emergency
, Implement a mechanism to encrypt and decrypt ePHI
Which of the following are physical safeguards according to HIPAA's Security
Rule: - correct answer ✔E. [all others]
Which is NOT considered best practices to meet HIPAA's Security Rule: -
correct answer ✔Do not set a timed lock-screen to avoid leaving live
computer/tablet/phone screens unattended
I work at a BA that manages billing for physicians. I took a screenshot of a
screen that showed some pieces of PHI and emailed it to our IT department
so they could help with an IT issue I am having. I am not sure if we have a
BAA with our email provider. - correct answer ✔B. Security Rule not met
In my office, the computers that have ePHI stored on them are all located in a
special room that has a key fob to enter. Only specific roles have access to
those key fobs. - correct answer ✔A. Security Rule met
I am reusing an old external hard drive at work. My boss said just delete all
the files on it and reuse it. - correct answer ✔B. Security Rule not met
The Privacy rule is a series of national regulations addressing how Protected
health information (PHI) can be _____ and _____. - correct answer ✔C.
shared; used
Which of these disclosures DOES require written authorization: - correct
answer ✔C. For any communication about a product or service that
encourages recipients to purchase or use the product or service
