HIPAA Review Quiz

Financial information of the patient

Educational records

Health information that is held or transmitted by a covered entity

Employment history

All businesses in the United States

Only educational institutions

Covered entities that handle electronic protected health information

All government organizations

Request amendments to their PHI

Sell their PHI

Allow any use of their PHI without consent

Request unlimited copies of their medical records for free

A detailed list of all employees in the entity

A notice of privacy practices

Free healthcare services

Unlimited access to the entity’s facilities

Encrypting electronic protected health information

Conducting regular risk assessments

Failing to implement adequate security measures for ePHI

Providing training to employees on security policies

For treatment purposes

For marketing purposes

At public events

For selling databases

Implementation of physical, administrative, and technical safeguards

Use of paper records only

Annual public disclosure of all PHI

Encryption of all verbal communications

The right to have medical procedures explained in detail

The right to obtain a copy of their medical records

The right to free medical treatment

The right to modify the terms of the Privacy Rule

The least amount of PHI used for billing purposes

The minimum number of employees that must be trained on HIPAA compliance

The least amount of PHI necessary to accomplish the intended purpose

The minimum security measures that must be implemented

Ensuring the confidentiality of ePHI

Protecting against any reasonably anticipated threats or hazards to the security of ePHI

Allowing all employees unrestricted access to ePHI

Protecting against unauthorized use or disclosure of ePHI