Privacy Rule
Security Rule
Breach Notification Rule
HIPAA Basics
Real-life scenarios
100

What is PHI?

Protected Health Information 

100

What are the three types of safeguards required by the Security Rule?

Administrative, physical, and technical safeguards 

100

What is a breach under HIPAA?

An impermissible use or disclosure of PHI that compromises its security or privacy.

100

What does HIPAA stand for?

Health Insurance Portability and Accountability Act

100

A nurse discusses a patient's condition with a colleague in a public elevator. Is this a HIPAA violation?

Yes 

200

What is a right patients have under the Privacy Rule?

The right to access their medical records

200

What is the purpose of a risk analysis? 

To identify and assess potential risk to the confidentiality, integrity and availability of ePHI

200

Within how many days must individuals be notified of a breach?

60 days 

200

When was HIPAA enacted?

1996

200

A healthcare provider sends an unencrypted email containing PHI. Is this a HIPAA violation? 

Yes

300

How long must covered entities retain documentation of their privacy policies?

6 years 

300

What is one example of a technical safeguard?

Encryption

300

Who must be notified if a breach affects more than 500 individuals? 

The affected individuals, the security of HHS, and the media. 

300

Name one of the main purposes of HIPAA 

To protect the privacy and security of individuals' health information

300

A patient requests a copy of their medical records. How long does the provider have to comply?

30 days 
