(TCO 1) “The implementation of reasonable policies, processes, steps, and tools used to maintain confidentiality” best describes:
Student Answer: confidentiality.
privacy.
security.
technology.
authorization.
Question 2.
(TCO 1) ___ enables patients to find out how their information may be used and what disclosures of their information have been made.
Student Answer: Confidentiality
Privacy
Security
Technology
Authorization
Question 3.
(TCO 1) What does the acronym PHI stand for?
Student Answer: Protective Healthcare Initiative
Public Health Information
Portable Health Insurance
Protected Health Information
Portable Health Information
Question 4.
(TCO 2) The HIPAA Privacy Rule effective date is?
Student Answer: April 14, 2001
April 14, 2003
August 14, 2002
August 12, 1998
February 20, 2003
Question 5.
(TCO 2) Which of the following is the BEST example of an incidental disclosure?
Student Answer: overhearing a discussion between a physician and a patient
unlocked and unattended computers or workstations
PHI on a printer
releasing information without an authorization
medical records on the counter in the nurses station
Question 6.
(TCO 2) The Privacy Rule safeguards PHI by which of the following?
Student Answer: giving individuals the right to correct mistakes
telling patients how their information will be used
limiting the use and disclosure of information
All of the above
None of the above
quiz 4
(TCO 4) A gap analysis and risk analysis should be performed to:
determine current and baseline compliance status.
determine baseline and monetary compliance.
determine PHI standards.
INCORRECT determine risk level.
None of the above
Question 2.
(TCO 4) The Security Rule requires healthcare managers to perform an initial risk analysis to determine which of the following?
Specific unauthorized uses
Disclosures
Data integrity losses that could occur to PHI
All of the above
None of the above
Question 3.
(TCO 4) The outcome of a risk analysis is dependent upon which of the following?
Results that the organization wants in return
The management of the organization’s risks
Efforts to maintain reasonable security measures
What an organization wants to protect
None of the above
Instructor Explanation: Chapter 12, page 183
Question 4.
(TCO 3) Which item is most appropriate to develop checklist items to determine security violations for computer log-in monitoring?
Procedures for creating, changing, and safeguarding passwords
Procedures for monitoring log-in attempts and reporting discrepancies
Periodic security updates
All of the above
None of the above
Question 5.
(TCO 3) What is a standard?
provides fewer supporting details for meeting policy requirements
provides supporting details for meeting policy requirements
provides details on how the policy will be implemented
provides details on the organization’s position
None of the above
Instructor Explanation: Chapter 13, Page 186
Points Received: 5 of 5
Question 6.
(TCOS 3 and 7) Select the appropriate guideline for dealing with medical information requests.
Make sure it is an unsecured telephone line.
Verify caller’s medical information.
Do not supply information unless there is written patient consent.
Provide medical information without patient consent.
None of the above
quiz 6
(TCO 9) Which of the following should be included within your training and awareness strategy?
A strategy to use marketing techniques to raise training budget.
An identification of states to create preemption procedures.
A procedure for measuring the overall effectiveness of the awareness and education program.
A procedure for answering complaints related to HIPAA compliance.
None of the above
Question 2.
(TCO 5) Access controls consist of:
identification.
authentication.
authorization.
All of the above
None of the above
Question 3.
(TCO 6) What is the order HIPAA recommends an organization follow when responding to and reporting a security incident?
Identify and respond to incidents, mitigate harmful effects, and document incidents and outcomes.
Document incidents and outcomes, identify and respond to incidents, and mitigate harmful effects.
Mitigate harmful effects, document incidents and outcomes, identify and respond to incidents.
None of the above
Question 4.
(TCO 6) What should be in place prior to responding to an incident?
A disaster recovery plan and an expert team
A formal response procedure and an expert team
A contingency plan and an expert team
None of the above
Question 5.
(TCO 6) What is the difference between an incremental and differential backup?
Incremental does not mark the files as being backed up.
Differential does not mark the files as being backed up.
Incremental backs up files that have not changed.
Differential backs up files that have not changed.
None of the above
Question 6.
(TCO 5) To address backup and storage requirements, an organization should:
implement procedures for removal of electronic protected health information from electronic media before the media are made available for reuse.
develop policies and procedures to address the final disposition of electronic protected health information and/or hardware of electronic media.
create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment.
determine appropriate storage requirements for the media.
None of the above