Compliance Jeopardy

HIPAA Basics

Privacy v Security Rule

HIPAA Breaches & Reporting

OSHA & Workplace Safety

OSHA Procedures & Emergency Response

100

What does PHI stand for?

Protected Health Information.

100

Which HIPAA rule focuses on all PHI (oral, written, and electronic)?

The Privacy Rule.

100

What is a HIPAA breach?

Unauthorized access, use, or disclosure of PHI.

100

What is the basic purpose of OSHA?

To protect employees from injuries and illness in the workplace.

100

What are some of the requirements of a sharps container?

Leak-proof, puncture-resistant, not past the fill line, secure to the wall, has a lid, etc.

200

Give two examples of PHI.

Name, date of birth, address, medical record number, etc.

200

Which HIPAA rule focuses on electronic PHI only?

The Security Rule.

200

Give one example of a common HIPAA breach at CEENTA.

Giving the wrong after‑visit summary to the wrong patient from a shared printer.

200

Name the three categories of hazards OSHA focuses on.

Biological, Chemical and Physical Hazards.

200

True or False: It is acceptable to throw a used needle in the regular trash if the sharps container is full.

False. NEVER put a needle in a regular trashcan!!

300

What are the two main types of organizations under HIPAA: covered entities and what?

Business associates.

300

The primary reasons for accessing a patient's chart include for treatment, payment, and...?

Operations.

300

Who should you report a suspected breach to?

Your manager and Compliance (email and Healthicity).

300

Give one example of a bloodborne pathogen.

Hepatitis, HIV, etc.

300

What type of hazard is the PASS method used for?

A fire.

400

CEENTA is considered which type of HIPAA organization?

A covered entity.

400

True or False: You may access your own medical chart in Epic if you work at CEENTA.

False - you only can through your MyChart.

400

If you see PHI laying out, unattended, what should you do?

Bring it to your manager and report it. We also have shred bins you can put papers in.

400

What are the routes of exposure of a bloodborne pathogen?

Mouth, Eye, Ear, Needlestick, cut, etc.

400

What does PASS stand for?

Pull, Aim, Squeeze, Sweep.

500

What HIPAA standard requires you to use only the least amount of information needed to do your job?

The Minimum Necessary Standard.

500

The Security Rule requires the implementation of three security measures. What are they?

Confidentiality, Integrity, and Availability.

500

True or False: If you accidentally access the wrong chart, you should not report it unless someone else notices.

False — all breaches must be reported immediately.

500

A chemical spill occurs, and you aren't sure how to clean it up. How can you check to confirm?

The safety data sheet.

500

If you see that the sharps container is filled past the fill line, what should you do?

Let your clinical lead and/or manager know.