HIPAA Electronic Health Records (EHR) Compliance

Question 1

Under HIPAA, which of the following is a primary requirement for electronic health record systems handling Protected Health Information (PHI)?

Accepted Answer

Implementing access controls that limit PHI access to authorized users

Answer

HIPAA's Security Rule requires covered entities to implement technical access controls ensuring only authorized individuals can access PHI in electronic form.

Question 2

A hospital migrates to a new EHR system. What HIPAA requirement applies to PHI stored in the old system?

Accepted Answer

It must be retained according to applicable retention laws and securely disposed of when no longer needed

Answer

HIPAA requires that PHI be retained per applicable state and federal retention laws, and disposed of securely when retention periods expire.

Question 3

Which HIPAA Security Rule standard directly addresses the integrity of electronic PHI in EHR systems?

Accepted Answer

Integrity Controls

Answer

Integrity controls are required under the Technical Safeguards section of the Security Rule to ensure ePHI is not improperly altered or destroyed.

Question 4

A physician practice uses a cloud-based EHR platform. Under HIPAA, what document is required between the practice and the EHR vendor?

Accepted Answer

A Business Associate Agreement (BAA)

Answer

When a vendor creates, receives, maintains, or transmits PHI on behalf of a covered entity, a Business Associate Agreement is legally required.

Question 5

Under HIPAA, an EHR system's audit log must capture which of the following?

Accepted Answer

User activity including access, modifications, and disclosures of PHI

Answer

HIPAA requires audit controls that record and examine activity in systems containing ePHI, including who accessed, modified, or disclosed information.

HIPAA - Health Insurance Portability and Accountability Act Practice Test

HIPAA - Health Insurance Portability and Accountability Act Practice Test

HIPAA Electronic Health Records (EHR) Compliance