


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
What is the first step a covered entity is expected to take, according to HIPAA standards, if one of its business entities has violated a standard or a breach has occurred? ✔✔Take reasonable steps to resolve it Psychotherapy notes are treated exactly the same as other health care information. ✔✔False Which of the following must appear on a covered entity's NPP? ✔✔All of the above
Typology: Exams
1 / 4
This page cannot be seen from the preview
Don't miss anything!
What is the first step a covered entity is expected to take, according to HIPAA standards, if one of its business entities has violated a standard or a breach has occurred? ✔✔Take reasonable steps to resolve it
Psychotherapy notes are treated exactly the same as other health care information. ✔✔False
Which of the following must appear on a covered entity's NPP? ✔✔All of the above
Individuals do not have the right to request amendments to their medical records. ✔✔False
Which of the following would be considered protected health information? ✔✔All of the above
A covered entity creates a process that ensures that data it receives and transmits is correct and in the same state it was before the transaction. What kind of technical safeguard is this considered to be? ✔✔Integrity control
Which of the following is NOT a permitted use of protected health information under HIPAA? ✔✔Patient's medical diagnosis given to an outside caller
A hospital reports specific cases of an outbreak of a communicable disease to a public health authority. This is permissible because ✔✔It is in the public interest
The same covered entities that must comply with HIPAA privacy standards are also required to comply with HIPAA security standards. ✔✔True
Which of the following are general security rules under HIPAA? ✔✔All of the above
A business associate does not need to do risk analysis and management. ✔✔False
What type of safeguard limits access to locations where PHI is kept and maintained? ✔✔Physical safeguard
Covered entities are required to provide PHI and medical information when it is requested by the individual. ✔✔True
Which of the following are considered HIPAA privacy administrative requirements? ✔✔All of the above
A hospital receives a request to provide a patient's medical record to a correctional facility. The patient then requests an accounting of disclosures. Does the hospital need to include the disclosure to the correctional facility? Why or why not? ✔✔No; this use or disclosure is permitted and does not need to be included