HIPAA
Did You Know?
This and That
Breach
100

Provides federal protections for personal health information

What is the Privacy Rule of the Health Information Portability and Accountability Act (HIPAA)?

100

A person's name, date of birth, address, and phone number.

What is Personal Health Information or PHI?

100

Treatment, payment, healthcare operations

What are legitimate reasons to access PHI without consent?

100

Unauthorized access or disclosure of PHI for any reason other than treatment, payment, or healthcare operations

What is a breach of HIPAA?

200

This is the first step you should take if you accidentally inappropriately access a patient's chart.

What is contact the Compliance Officer?

200

Each covered entity, with certain exceptions, must provide this type of notice to all patients.

What is the Notice of Privacy Practices?

200

The HIPAA Security Rule was specifically created to address this.

What is "e-PHI"?

200

A press release must be issued to the major media informing the public of a breach if the PHI of this many patients was involved.

What is 500 or more?

300

The U.S. Department of Health and Human Services through the Office for Civil Rights

Who enforces the HIPAA Privacy Rules?

300

An individual’s past, present or future physical or mental health or condition

What is PHI?

300

This is the correct way to encrypt an e-mail to a recipient outside of the HHSC network.

What is *secure* at the beginning of the subject line?

300

Who is liable for civil money penalties for a violation based on the act or omission of a business associate?

Who is the business associate and covered entity?

400

H.I.P.A.A.

What is The Health Information Portability and Accountability Act?

400

We can do this if standard precautions are taken to ensure reasonable security of the transmitted data.

What is fax PHI?


400

Giving this away or leaving it out in plain sight would be a breach of security and compromise PHI.

What is an "EMR Access Password"?

400

How must covered entities notify affected individuals of a breach of their PHI?

First class letter

500

A busy emergency room uses bays to treat patients. A patient hears about the neighboring patient's condition.

What is incidental disclosure?

500

Every external vendor who has access to PHI must sign this agreement.

What is a Business Associate Agreement or BAA?


500

Under HIPAA, a patient has the right to request an amendment to his/her medical record, and the hospital has a duty to comply.

What is "False"?

500

The settlement amount of the largest class action suit against Anthem’s data breach.

What is $115 million?
