#1
Which law governs the protection of healthcare information privacy in the United States?
Health Insurance Portability and Accountability Act (HIPAA)
Americans with Disabilities Act (ADA)
Family and Medical Leave Act (FMLA)
Sarbanes-Oxley Act (SOX)
#2
What does PHI stand for in the context of healthcare information?
Personal Health Insurance
Public Health Initiative
Protected Health Information
Private Health Investigation
#3
What is the purpose of a Business Associate Agreement (BAA) in healthcare information privacy?
To establish guidelines for employee conduct
To regulate employee salaries
To outline the responsibilities of third-party entities handling PHI
To manage inventory of medical supplies
#4
Which organization is responsible for enforcing HIPAA regulations?
Centers for Disease Control and Prevention (CDC)
Department of Health and Human Services (HHS)
Food and Drug Administration (FDA)
Occupational Safety and Health Administration (OSHA)
#5
What is the purpose of the Breach Notification Rule under HIPAA?
To require covered entities to notify affected individuals and the Department of Health and Human Services (HHS) of breaches of unsecured PHI
To establish guidelines for employee conduct
To regulate employee salaries
To manage inventory of medical supplies
#6
Which of the following is NOT considered a breach of healthcare information privacy under HIPAA?
Unauthorized access of patient records by an employee
Accidental disclosure of PHI to the wrong recipient
A healthcare provider sharing PHI with a patient's family member without consent
Secure transmission of PHI between authorized parties
#7
What is the role of a HIPAA Privacy Officer within a healthcare organization?
To ensure compliance with HIPAA regulations
To handle billing and insurance claims
To oversee medical research projects
To manage facility maintenance
#8
What is the purpose of the Health Information Technology for Economic and Clinical Health (HITECH) Act?
To improve healthcare quality, safety, and efficiency through the use of information technology
To regulate the pricing of healthcare services
To provide free healthcare services to economically disadvantaged individuals
To establish guidelines for medical research ethics
#9
Which of the following is an example of a technical safeguard under HIPAA?
Employee training programs
Security incident procedures
Access controls
Workstation use policies
#10
Which of the following is NOT considered protected health information (PHI) under HIPAA?
Name and address
Social security number
Medical diagnosis
Email address
#11
Which of the following is a key principle of the General Data Protection Regulation (GDPR) concerning healthcare data?
Data minimization
Data monetization
Data centralization
Data standardization
#12
What is the term used to describe the process of converting data into a secret code to prevent unauthorized access?
Encryption
Decryption
Obfuscation
Transcription
#13
Which of the following is NOT a requirement of the Security Rule under HIPAA?
Implementing encryption of health information
Conducting regular risk assessments
Providing training on security policies and procedures
Obtaining patient consent for all disclosures of PHI
#14
What is the purpose of the Omnibus Rule under HIPAA?
To strengthen privacy and security protections for PHI
To regulate the pricing of healthcare services
To establish guidelines for employee conduct
To manage inventory of medical supplies
#15
What is the penalty for HIPAA violations?
Fines up to $50,000
Criminal charges
Revocation of medical license
Civil monetary penalties ranging from $100 to $50,000 per violation