Exam 4: Security Rule Explained

Correct Answer

verified

Show Answer

A) Business Associate contracts for compliancy issues.
B) Trading Partner agreements to ensure they are fully complying with HIPAA rules.
C) Both A and B as required by Organization Requirements of Security Rule.
D) Neither A nor B in order to comply with the Security Rule.

Correct Answer

verified

Show Answer

A) unrecorded video teleconferencing.
B) any computer storage media.
C) voicemail messages
D) paper-to-paper faxes.

Correct Answer

verified

Show Answer

Correct Answer

verified

Show Answer

A) the HIPAA Security Officer has placed limits on what information is viewed by Business Associates determined by their job description.
B) policies and procedures are written to protect against unlawful access by administration.
C) changing the passwords for computer access every 30 days.
D) safeguards are in place to protect it against unauthorized access or loss.

Correct Answer

verified

Show Answer

A) making recommendations for new computers and seeing that they are configured to ensure secure e-PHI.
B) developing and implementing policies and procedures for the facility.
C) overseeing the training of new doctors and the retraining of all doctors on a regular basis.
D) reviewing the Notice of Privacy Practices for the facility and keeping them up to date.

Correct Answer

verified

Show Answer

Correct Answer

verified

Show Answer

A) never covered by HIPAA Security Rule.
B) covered by HIPAA Security Rule if they are not erased after the physician's report is signed.
C) covered by HIPAA Security Rule only if the patient has not signed a consent form.
D) not covered by HIPAA Security Rule if used to train medical students.

Correct Answer

verified

Show Answer

A) having the ability to enter a facility where paper medical records are kept.
B) what allows an individual to enter a computer system for an authorized purpose.
C) finding a password to gain access to medical information.
D) permitted only to the HIPAA Officer and the computer technicians.

Correct Answer

verified

Show Answer

Correct Answer

verified

Show Answer

Correct Answer

verified

Show Answer

A) Organization requirements; policies, procedures, and documentation; technical safeguards; administrative safeguards; and physical safeguards
B) Unique identifiers; administrative safeguards; technical safeguards; physical safeguards; and electronic signatures
C) Administrative safeguards; physical safeguards; policies, procedures, and documentation; a HIPAA Security Officer in charge; and a complex computer data backup system
D) Policies, procedures, and documentation; organization requirements; protected wireless access; secure firewalls; and virus protection

Correct Answer

verified

Show Answer

A) 4 years.
B) 6 years.
C) 7 years.
D) an indefinite time.

Correct Answer

verified

Show Answer

A) all computer hardware and software used within the facility when it comes in and when it goes out of the facility.
B) just the addition of hardware and software within the facility to be sure they are compliant with the Security Rule.
C) just the removal of hardware and software within the facility to be sure all data is removed.
D) the net value of disposed equipment that the facility has removed from use.

Correct Answer

verified

Show Answer

Correct Answer

verified

Show Answer

A) Centers for Medicare and Medicaid Services.
B) Office of E-Health Standards and Services.
C) Office for Civil Rights.
D) Office of HIPAA Standards.

Correct Answer

verified

Show Answer

Correct Answer

verified

Show Answer

A) access to the medical record for treatment purposes.
B) limiting access to the minimum necessary for the particular job assigned to the particular login.
C) restricting access to only clinical staff for treatment purposes, medical records department for coding purposes, and the billing department for purposes of claim submission.
D) only allowing patients access to their medical records if it is court ordered.

Correct Answer

verified

Show Answer