FREE Certified in Healthcare Privacy and Security Trivia Questions and Answers
A covered company has been asked in writing to postpone notifying the public of a data breach because it would complicate an investigation. How long may the covered entity delay sending the notice?
When a patient obtains a treatment, pays out of pocket, and wishes that information not be forwarded to his or her personal account, a healthcare institution must abide by a limitation.
A healthcare organization must comply with a restriction when a patient receives a service, pays out of pocket, and requests that information is not sent to his/her health insurance company.
Under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, the disclosure of protected health information (PHI) for marketing purposes generally requires the individual's authorization. PHI includes any individually identifiable health information held or transmitted by a covered entity or its business associates.
Data is sent between computers in encrypted form. Which of the following best represents the date following the use of the encryption algorithm?
The term that describes the data after the encryption algorithm has been applied is "encrypted data."
Encryption is a process of encoding data to make it unreadable or unintelligible to unauthorized individuals. It involves using an encryption algorithm and a key to transform the original data into encrypted form, also known as ciphertext.
Which of the following is under HIPAA and involves giving a primary care provider a copy of an emergency department visit report?
Providing a copy of an emergency room visit report to a primary care provider is an example of a "disclosure of protected health information" under HIPAA.
HIPAA, the Health Insurance Portability and Accountability Act, establishes rules and regulations to protect the privacy and security of individuals' protected health information (PHI). PHI refers to any individually identifiable health information held or transmitted by a covered entity or its business associates.
How much time is allotted for a covered company to reply to an accounting of disclosure request?
A covered entity under the Health Insurance Portability and Accountability Act (HIPAA) has a maximum of 30 days to respond to an accounting of disclosure request from an individual. However, if the covered entity is unable to meet the deadline within the initial 30-day period, they can request a one-time 30-day extension to provide a response.
A new business partner was employed by a covered organization. The business associate asked the covered entity to sign the contract provided by the vendor during the assessment of the business associates agreement. Is this a proper procedure?
The organization must take action if a health insurance provider contacts a member to advertise a car insurance plan provided by the same provider.
Under the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification Rule, covered entities are generally required to provide timely notification to individuals whose protected health information (PHI) has been breached. The notification should be made without unreasonable delay and no later than 60 days from the discovery of the breach.