|
In the US, privacy protections for health information come from: |
Privacy protections come from all of these sources – both federal and state law, as well as the requirements of private certification organizations. |
|
Privacy, in the health information context discussed here, refers to: |
The rules about who can access health information, and under what circumstances. |
|
Under the federal HIPAA regulations, state health privacy laws: |
Remain in effect if more stringent than what HIPAA provides. |
|
What kinds of persons and organizations are affected by HIPAA’s requirements? |
Health care providers, health plans, and health information clearinghouses, their business associates, and the workers for those organizations. |
|
HIPAA privacy protections cover identifiable personal information about the "past, present or future physical or mental health condition." What does that include? |
Health information in any form or medium, as long as it is identified (or identifiable) as a particular person’s information. |
|
When patients receive a copy of an organization’s Privacy Notice, they are asked to sign an acknowledgment. Why? |
It shows they received it. |
|
What are organizations covered by the federal HIPAA privacy law expected to do? |
Organizations are expected to do all of these things. |
|
Which of these is not a right under HIPAA? |
To control all disclosures of information in the health record. |
|
What does HIPAA’s "minimum necessary" standard require of health care workers? |
All of these are covered under "minimum necessary." |
|
HIPAA’s "incidental uses and disclosures" provision excuses deviations from the minimum necessary standard. What is excused? |
Truly accidental "excess" uses and disclosures, where reasonable caution was otherwise used and there was no negligence. |
|
When a privacy problem is discovered, which of the following is/are true? |
All of the above |
|
HIPAA allows health care organizations to control many information decisions. But where the patient retains control, which of the following is/are true? |
If a person has a right to make a health care decision, then he/she has a right to control information associated with that decision. |
|
With respect to permissions for uses and disclosures, HIPAA divides up health information into three categories. Into which category does information related to" treatment, payment and health care operations" go? |
Uses or disclosures that can generally occur without any specific permission from the patient. |
|
With respect to permissions for uses and disclosures, HIPAA divides up health information into three categories. Into which category do discussions with family members go? |
Uses or disclosures that require generally oral agreement only. |
|
With respect to permissions for uses and disclosures, HIPAA divides up health information into three categories. Into which category does information related to research, marketing and fundraising go? |
Uses or disclosures that generally require specific written authorization. |
|
Which of the following are organizations required to do under HIPAA? |
All of the above; Organizations are expected to do all of these things. |
Share This
Flashcard
