Confidentiality
Regulations
PII?
HIPAA
What is?
100

These are located throughout Medline, usually next to a printer.

What are Shred Bins

100

Starlets walk around Rodeo Drive in this state, while also having a right to file a civil claim if their private information is misused.  

What is California?

100

Social Security Number

Are SS# PII

100

Includes healthcare providers, and include health insurance companies, health maintenance organizations, government programs that pay for healthcare.

What is a covered entity

100

A public statement that provides information about: What personal information is collected about users, how the information is collected and used; how the information is managed and protected; and how a user can access and control that information.

What is a privacy policy

200
  • This is a method of sending data via email in a secure way
  • What is encryption
200

This state may have a city of sin, but their residents have a right to opt-out of any marketing or 3rd party data exchange.

What is Nevada

200

Full Name on a dinner attendee list

Are they NOT PII

200

A person or entity that performs certain functions or activities that involve the use or disclosure of protected health information for a Covered Entity.

What is a business associate

200

A small text file on a website is stored in a website user's computer to provide a way for the website to recognize a user and keep track of their preferences.

What is a cookie

300

This personal has a right to view and make changes to PHI

  • What is the patient?
300

The city that never sleeps expanded the definition of a breach to include “private information.”

What is New York

300

Hospital Data regarding the number of diabetic ulcers they treated in the E wing in March of 2019

Is this PII

300

The ability for all patients to access their own medical records, correct errors or omissions, and be informed about how personal information is shared or used and about privacy procedures.

What are patient rights

300

Contains at minimum 8 characters, uppercase letter, lowercase letter, a number and a special character

What is a strong password

400

A nurse has a neighbor in the maternity ward, and their HOA wants to send the new mom a personal gift. So the nurse looks at the baby’s gender and weight.

What is a HIPAA breach (or violation)?

400

The Continent who’s privacy laws are the basis for the US’s most strict privacy regulations

What is Europe?

400

Hospital data regarding the number of flu cases they had in 2018

Is this NOT PII

400

HIPAA standard that makes reasonable efforts to ensure that access to protected health information (PHI) is limited, per the HIPAA Privacy Rule, to the minimum amount of information necessary to fulfill or satisfy the intended purpose of a particular disclosure, request, or use.

What is the minimum necessary standard

400

The process of converting information or data into a code, especially to prevent unauthorized access.

What is encryption?

500
  • An infection control nurse receives information that there have been multiple cases of MRSA on the 3W nursing unit. The nurse accesses the charts of all the patients on 3W to review the data.

What is NOT a HIPAA breach (or violation)?

500

The European privacy regulation that gives individuals complete control over all their personal information.

  • What is General Data Protection Regulation (GDPR)
500

No patient name or medical record number, just surgery performed in a surgery theater and date surgery occurred.

Is this PII
500

The governing body that enforces HIPAA compliance and takes legal action against violators.

What is the Office of Civil Rights

500

A crypto-virus that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.

What is ransomware

M
e
n
u