HIPAA Security and Privacy Training

maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting electronic protected health information (e-PHI).

Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit.

Identify and protect against reasonably anticipated threats to the security or integrity of the information.

Protect against reasonably anticipated, impermissible uses or disclosures.

Ensure compliance by their workforce.

physician

security official

police officer

custodian

True

False

Treatment purposes

Payment

Health care operations activities

All of the above

Marketing activities

Research

PHI sales and licensing

Information sharing needed for treatment

non-protected health information (non-PHI)

reverse PHI

regulated PHI

de-identified health information

absence of actual knowledge by the covered entity that the remaining information could be used alone or in combination with other information to identify the individual

removal of only patient name and date of birth

a formal determination by a qualified expert

the removal of 18 specified individual identifiers

Health plans

Health care clearinghouses

Health care providers who conduct certain financial and administrative transactions electronically.

Life insurance companies

tossing into the trashcan or recycle bin.

clearing (using software or hardware products to overwrite media with non-sensitive data).

purging (degaussing or exposing the media to a strong magnetic field in order to disrupt the recorded magnetic domains).

destroying (disintegration, pulverization, melting, incinerating, or shredding).

True

False