CHPC Patient Rights and Access to Health Records

Question 1

Under HIPAA, how long does a covered entity generally have to respond to a patient's request for access to their PHI?

Accepted Answer

30 days, with a possible 30-day extension

Answer

60 days, with no extension

Answer

15 days, with a 15-day extension

Answer

45 days, with no extension

Question 2

Which of the following is NOT a valid reason for a covered entity to deny a patient access to their PHI?

Accepted Answer

The PHI was created by another provider

Answer

The information was compiled for litigation

Answer

A licensed provider believes access could cause harm

Answer

A privacy board approved denial

Question 3

A patient requests an amendment to their medical record. Under HIPAA, how long does the covered entity have to act on this request?

Accepted Answer

60 days, with a possible 30-day extension

Answer

30 days, with no extension

Answer

90 days, with a 30-day extension

Answer

14 days, with no extension

Question 4

Which right allows patients to receive a list of disclosures of their PHI made by a covered entity in the past six years?

Accepted Answer

Right of accounting of disclosures

Answer

Right of access

Answer

Right to restrict

Answer

Right to amend

Question 5

A patient asks a covered entity to restrict the disclosure of their PHI to their health plan for a service they paid for out of pocket. Under HIPAA, the covered entity must:

Accepted Answer

Honor the restriction

Answer

Evaluate the request and decide

Answer

Deny the request as health plans are required recipients

Answer

Request physician approval first

Question 6

Under HIPAA, a covered entity may charge a fee for providing a copy of PHI to a patient. Which cost element is NOT allowable?

Accepted Answer

Staff time to locate and pull the record

Answer

Labor for copying

Answer

Postage

Answer

Cost of the physical media (e.g., a USB drive)