What does HIPAA stand for? Health Industry Privacy and Accountability Act Health Insurance Portability and Accountability Act Health Insurance Privacy and Administration Act

What does HIPAA do? Protects the privacy and security of a patient's health information Provides for electronic and physical security of a patient's health informatin Prevents fraud and abuse All of the above

What is PHI? Privacy Health Information Protected Health Identifier Protected Health Information

Protected Health Information (PHI) can include which of the following: Name Date of birth Medical Record Number IP address All of the above

HIPAA protects all PHI, electronic, verbal, and written True False

Who at GBA must follow the HIPAA law? Vendors who provide services to GBA Every employee Part-time support employee All of the above

GBA is a covered entity. True False

When can you use or disclose PHI? For treatment of a patient, if that is part of your job For obtaining payment for services, if that is part of your job When the patient has authorized, in writing, it release All of the above

How can you protect PHI from unauthorized access? Do not share your password with anyone Log off your computer and/or have a password protected screen saver Both A and B

What if you know that a patient’s PHI has been leaked to an unauthorized party? Report it to the newspaper Call the patient at home and report it to him Report it to the Privacy Officer Call the HIPAA Oversight and Compliance Committee

Which workstation security safeguards are YOU responsible for using and/or protecting? User ID Password Log-off procedures Lock up the office or work area (doors, windows, laptops) All of the above

What is the purpose of Technical security safeguards? To protect against natural disasters To ensure security plans, policies, procedures, training, and contractual agreements exist To provide security for physical facilities, computer systems, and associated equipment To protect data and control access to it.

Penalties for non-compliance can be which of the following types? Civil and Accidental Criminal and Incidental Civil and Criminal Accidental and Purposeful

Which of the following are examples of a health care plan? An HMO Employer group health plans The Medicaid program All of the above

The Security Rule's requirements are organized into which of the following three categories? Administrative, Non-Administrative, and Technical safeguards Physical, Technical, and Non-Technical safeguards Administrative, Physical, and Technical safeguards Privacy, Security and Electronic Transactions

All of the following pieces of information are considered individually identifiable health information, EXCEPT: Birth Date Diagnosis Name Social Security Number

Who enforces HIPAA? Surgeon General Department of Health and Human Services Department of Health Information Security Local Police Department

What is your responsibility regarding HIPAA? Keep protected health information private and secure Keep notes on a patient's protected health information to use during collection efforts. Keep the protected health information for all of the patients you have called today on your desk for your supervisor to reference, if needed. Leave a patient's account and their protected health information on your monitor when you take a break.

It is a violation of HIPAA to throw PHI in a garbage can. True False