Healthcare Privacy and Compliance Quiz

HIPAA stands for Health Insurance Portability and Accountability Act, governing healthcare privacy and security regulations.

PHI stands for Protected Health Information in the context of healthcare privacy.

Medical record numbers are considered sensitive healthcare information under HIPAA.

The Office for Civil Rights (OCR) is responsible for enforcing HIPAA regulations.

The primary goal of the HITECH Act is to promote the adoption of electronic health records.

The purpose of a Data Use Agreement (DUA) is to outline terms and conditions for data sharing.

The Privacy Rule protects the privacy of individually identifiable health information under HIPAA.

The purpose of the Privacy Rule under HIPAA is to protect the privacy of individually identifiable health information.

Health insurance companies are typically considered Business Associates under HIPAA.

The primary purpose of the Security Rule under HIPAA is to protect electronic health information.

De-identification of data means removing all personally identifiable information in healthcare.

FERPA protects the privacy of students' health information in the context of healthcare.

The primary focus of the ONC is promoting the use of health information technology in the United States.

Access controls are an example of a technical safeguard under the HIPAA Security Rule.

The 'minimum necessary' concept means only disclosing the necessary information for a specific purpose.

The Office for Human Research Protections (OHRP) is responsible for maintaining the Common Rule.

Unauthorized access to patient records is considered a security incident under HIPAA.

Data minimization is a key principle of the GDPR concerning healthcare data.

A Risk Assessment identifies and mitigates potential risks to protected health information in healthcare compliance.

Biometric access controls are an example of a physical safeguard under the HIPAA Security Rule.

The NIST develops and maintains security standards for healthcare security.

The Office for Civil Rights (OCR) enforces the HITECH Act.

The role of DES in healthcare security is to ensure the confidentiality of electronic health information.

A security incident response plan is an example of administrative safeguards under the HIPAA Security Rule.

The Breach Notification Rule requires covered entities to notify patients of any unauthorized access to their health information.