(TCO 1) “The implementation of reasonable policies, processes, steps, and tools used to maintain confidentiality” best describes:

Student Answer: confidentiality.

privacy.

security.

technology.

authorization.

Question 2. Question :

(TCO 1) ___ enables patients to find out how their information may be used and what disclosures of their information have been made.

Student Answer: Confidentiality

Privacy

Security

Technology

Authorization

Question 3. Question :

(TCO 1) What does the acronym PHI stand for?

Student Answer: Protective Healthcare Initiative

Public Health Information

Portable Health Insurance

Protected Health Information

Portable Health Information

Comments:

Question 4. Question :

(TCO 2) The HIPAA Privacy Rule effective date is?

Student Answer: April 14, 2001

April 14, 2003

August 14, 2002

August 12, 1998

February 20, 2003

Question 5. Question :

(TCO 2) Which of the following is the BEST example of an incidental disclosure?

Student Answer overhearing a discussion between a physician and a patient

unlocked and unattended computers or workstations

PHI on a printer

releasing information without an authorization

medical records on the counter in the nurses station

Question 6. Question :

(TCO 2) The Privacy Rule safeguards PHI by which of the following?

Student Answer: giving individuals the right to correct mistakes

telling patients how their information will be used

limiting the use and disclosure of information

All of the above

None of the above

quiz 4

(TCO 4) A gap analysis and risk analysis should be performed to:

determine current and baseline compliance status.

determine baseline and monetary compliance.

determine PHI standards.

INCORRECT determine risk level.

None of the above

Question 2. Question :

(TCO 4) The Security Rule requires healthcare managers to perform an initial risk analysis to determine which of the following?

Specific unauthorized uses

Disclosures

Data integrity losses that could occur to PHI

All of the above

None of the above

:

Question 3. Question :

(TCO 4) The outcome of a risk analysis is dependent upon which of the following?

Results that the organization wants in return

The management of the organization’s risks

Efforts to maintain reasonable security measures

What an organization wants to protect

None of the above

Instructor Explanation: Chapter 12, page 183

Question 4. Question :

(TCO 3) Which item is most appropriate to develop checklist items to determine security violations for computer log-in monitoring?

: Procedures for creating, changing, and safeguarding passwords

Procedures for monitoring log-in attempts and reporting discrepancies

Periodic security updates

All of the above

None of the above

Question 5. Question :

(TCO 3) What is a standard?

provides fewer supporting details for meeting policy requirements

provides supporting details for meeting policy requirements

provides details on how the policy will be implemented

provides details on the organization’s position

None of the above

Instructor Explanation: Chapter 13, Page 186

Points Received: 5 of 5

Comments:

Question 6. Question :

(TCOS 3 and 7) Select the appropriate guideline for dealing with medical information requests.

Make sure it is an unsecured telephone line.

Verify caller’s medical information.

Do not supply information unless there is written patient consent.

Provide medical information without patient consent.

None of the above

quiz 6

(TCO 9) Which of the following should be included within your training and awareness strategy?

A strategy to use marketing techniques to raise training budget.

An identification of states to create preemption procedures.

A procedure for measuring the overall effectiveness of the awareness and education program.

A procedure for answering complaints related to HIPAA compliance.

None of the above

Question 2. Question :

(TCO 5) Access controls consist of:

identification.

authentication.

authorization.

All of the above

None of the above

Question 3. Question :

(TCO 6) What is the order HIPAA recommends an organization follow when responding to and reporting a security incident?

Identify and respond to incidents, mitigate harmful effects, and document incidents and outcomes.

Document incidents and outcomes, identify and respond to incidents, and mitigate harmful effects.

Mitigate harmful effects, document incidents and outcomes, identify and respond to incidents.

None of the above

Question 4. Question :

(TCO 6) What should be in place prior to responding to an incident?

A disaster recovery plan and an expert team

A formal response procedure and an expert team

A contingency plan and an expert team

None of the above

:

Question 5. Question :

(TCO 6) What is the difference between an incremental and differential backup?

Incremental does not mark the files as being backed up.

Differential does not mark the files as being backed up.

Incremental backs up files that have not changed.

Differential backs up files that have not changed.

None of the above

Question 6. Question :

(TCO 5) To address backup and storage requirements, an organization should:

implement procedures for removal of electronic protected health information from electronic media before the media are made available for reuse.

develop policies and procedures to address the final disposition of electronic protected health information and/or hardware of electronic media.

create a retrievable, exact copy of electronic protected health information, when needed, before movement of equipment.

determine appropriate storage requirements for the media.

None of the above

You Want A Similar Paper Done? Don’t be stressed, Click Here To Order this essay!!