What is the purpose of enabling Two-Factor Authentication (2FA) for systems containing PHI?

To add an extra layer of security

What should be done before disposing of devices containing PHI?

Securely erase data and sanitize devices

Why is it important to implement audit controls for PHI access?

To track PHI access and monitor unauthorized activities

What is the role of access control in managing PHI?

To implement role-based access controls

What is the importance of decryption keys in PHI management?

They should be securely stored and restricted to authorized personnel.

What should you do if someone requests access to production PHI/PII data?

Politely refuse unless the request follows proper approval channels.

What is the recommended action if you are unsure about sharing PHI/PII data?

Consult with your supervisor or data protection officer.

Why is it important not to write down PHI/PII on personal devices?

Local devices are less secure and can expose sensitive information.

What should you do if you need to take notes for development or troubleshooting purposes?

Ensure the information is anonymized.

What is a potential consequence of sharing PHI/PII data without authorization?

Violation of privacy regulations and legal consequences.

What is the main difference between mock data and real data?

Mock data is used for testing and contains no real patient information, while real data contains actual PHI.

What should you do if you are unsure whether data contains PHI?

Assume it does and take precautions.

Which of the following is a best practice for using test data? Options: Use real patient names for accuracy. Encrypt or remove PHI before transferring datasets. Share test data publicly for transparency. Use test data in production environments.

Encrypt or remove PHI before transferring datasets.

What was the consequence of using real patient data in a test environment in the case study?

The hospital received a $3 million fine.

Which of the following is NOT a recommended practice for data security? Options: Use strong encryption and secure authentication methods. Regularly audit your systems and practices. Use the office laptop for personal activities like downloading movies. Follow your organization's data security policies.

Use the office laptop for personal activities like downloading movies.

What should you avoid doing with PHI to maintain security? Options: Download PHI to local machines, Use PHI in public settings, Share PHI with unauthorized personnel

Access PHI through secure environments

What should be done with downloaded PHI after use? Options: Store it on a local device, Share it with colleagues, Upload it to a public cloud

Immediately delete it from the RDP environment

What is the first action to take if PHI is found in an insecure location?

Report the incident using the company’s incident management system

What type of access control should be implemented for PHI?

Role-based access control (RBAC)

What techniques should be used where needed to protect data?

Anonymization and de-identification

Where should you avoid committing PHI?

GitHub or any version control system

HIPAA Compliance Flashcard Flashcards

Student preview

43 questions

Show all answers

1.

FLASHCARD QUESTION

Front

What should you always do with your devices to prevent unauthorized access?

Back

Lock them when stepping away

2.

FLASHCARD QUESTION

Front

What type of passwords should be used to access platforms containing PHI?

Back

Strong and unique

3.

FLASHCARD QUESTION

Front

What should you do if PHI is sent through email by accident?

Back

Report it to the Project Manager

4.

FLASHCARD QUESTION

Front

Why should you use de-identified data for testing?

Back

To ensure compliance and data privacy

5.

FLASHCARD QUESTION

Front

What should you never do with PHI on personal devices?

Back

Store it without authorization

6.

FLASHCARD QUESTION

Front

What is the purpose of encrypting PHI data at rest?

Back

To protect it from unauthorized access

7.

FLASHCARD QUESTION

Front

What should be regularly assessed to ensure third-party vendors meet HIPAA compliance?

Back

Their security practices

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

37 questions

General Art and Architectural Terms

Flashcard

•

University

37 questions

Untitled Flashcards

Flashcard

•

University

38 questions

Vocabulary Flashcards PET Part 3 Reading

Flashcard

•

5th Grade

40 questions

Untitled Flashcards

Flashcard

•

6th Grade - University

33 questions

Means of transport Flashcards

Flashcard

•

10th Grade

31 questions

Earth's Features Review Flashcard

Flashcard

•

4th Grade

38 questions

Theater and Film Vocabulary

Flashcard

•

11th Grade

Popular Resources on Wayground

20 questions

STAAR Review Quiz #3

Quiz

•

8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

6 questions

Marshmallow Farm Quiz

Quiz

•

2nd - 5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for

20 questions

STAAR Review Quiz #3

Quiz

•

8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

6 questions

Marshmallow Farm Quiz

Quiz

•

2nd - 5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade