HIPAA Quiz June 21, 2021 | No Comments January 15, 2025 Welcome to your HIPAA Quiz Name Clinic Email You should have a patient write down the reason for their visit on a public sign in sheet. True False None Which of the following can be considered a privacy violation? Faxes left unattended for others to see Medical staff talking to loudly Computer files unprotected by passwords All of the above None One of the first things your office should do when implementing the Privacy Rule is: Hire a lawyer Limit the number of patients your office sees each day Appoint a privacy official Purchase a paper shredder None The main responsibilities of the privacy official are: To make everyone's life miserable To tell patients what you can and can't do for them To help your office become HIPAA compliant and train staff To report all privacy violations to the local press None Protecting patient privacy in your office is the responsibility of: Physicians Everyone Assistants The privacy official None PHI stand for: Private health information Personal health information Public health information Protected health information None PHI refers to: Preferred health insurance Individual health information that identifies a patient Any information a patient gives to a family member A television drama involving public health investigators None Where in your office might you find PHI? Patient charts Records room Prescription bottles All of the above None The Notice of Privacy Practices (NPP) is a legal document that outlines: How an office will work with its vendors When an office will operate during holidays How an office will protect patient's rights What an office will do in case of a medical emergency None Where are you required to post the NPP? In each exam room In the bathrooms On the front door In the waiting area None Your office is required to document your efforts to obtain patient signatures: Only if they sign the NPP Only if they ask you to document their signature Whether they sign the NPP or not Only if the patient refuses to sign None Business associate agreements are designed to: Protect patient privacy with outside vendors who may have access to PHI Keep vendors from seeing PHI Give PHI to vendors without alarming patients Generate new business leads for your office None A patient's request to amend should be obtained in writing and documented. True False None When an employee commits repeated privacy breaches the employee may be subjected to disciplinary actions by the practice. True False None A case worker at an agency is approached by a doctor who requests the patient history of an individual. The doctor thinks the history information might help diagnose the patient's current condition. Under which category does this disclosure fall? Treatment Payment Operations None A child has been brought in by a parent. The child has a broken arm and several bruises. The assistant suspects that the child may be a victim of abuse. What should the assistant do in this situation? Nothing, because discussing the minor's PHI is a violation of HIPAA Report suspicions to the proper authorities, as is allowed by HIPAA Try to get the parent to authorize reporting the situation Inform the parent that abuse is suspected None Someone from the billing department calls inquiring about services provided to a patient. What information should be provided. All of the information in the patient's chart Why the patient needed medical treatment A complete list of services provided Something funny that happened during the exam None As long as you are authorized to view information, you can do so whenever you want to, for any reason. True False None When discussing PHI with a patient or parent, you should: Save time and yell it across the waiting room Move to a private area to talk Gather all family members in a group to discuss None An office has a business associate contract with an outside vendor. In the past, the vendor has used PHI inappropriately. The office took reasonable steps to correct the misuse, but the vendor continues to use the PHI inappropriately. What should the office do? Monitor the situation and, if it gets worse, file a report Terminate the contract with the vendor Don't do anything and hope it goes away Call the vendor and threaten them with a lawsuit None A parent of a non-minor child calls and requests records. It is ok to release them without authorization because it is to the parent. True False None A patient finds out some information regarding the use of his PHI and feels that his privacy rights have been violated. The patient can file a complaint with the department of health and human services and bypass the office altogether. True False None It is ok to share computer passwords with co-workers. True False None Patients have the right to inspect and copy their medical record if: They provide proof of identity They make the request in writing - sign authorization They threaten to call their lawyer Both a & b None As an employee in the clinic you have the right to review the following patient records without completing a valid authorization form: Yours Your significant other's Your child(ren)'s Your parent's None of the above None I have received and reviewed a copy of Ocean Dental's health information privacy policies and procedures. True False None I have also received the additional HIPAA power point training. True False None Time's up