Health Insurance Portability and Accountability Act. A federal law that establishes requirements for Covered Entities and their Business Associates to follow to ensure the protection/privacy of PHI.
What is HIPAA?
A person or organization that performs certain functions on behalf of a Covered Entity, or provides certain services to a Covered Entity, that involve the receipt, use or disclosure of PHI.
What is a Business Associate?
Individuals or entities that transmit protected health information through certain transactions. They have specific requirements as outlined by the Department of Health and Human Services. Covered Entities include: Health Plans, Healthcare Providers, and Healthcare Clearing Houses.
What is a covered entity?
Individually identifiable health information that is held or transmitted by a covered entity or its business associates in any form.
Examples include: Medical info and records, medical bills and payments, insurance claims data, policy account numbers, and other personal information (e.g. Name, Address, Phone, SSN#, DOB).
What is Protected Health Information (PHI)?
The year HIPAA was signed into federal law.
What is 1996?
This type of action is performed if Alex received a benefits year-end claims summary along with another client’s year-end claims summary.
What is a security incident?
The team that you would need to report a security incident to.
What is GSO (Global Security Organization)?
Pertaining to HIPAA, this type of information can only be requested if there is a legitimate reason and authority or permission must be obtained. ADP associates must verify the identity and authority of the person requesting this type of information.
What is disclosure of Protected Health Information (PHI)?
The action an ADP associate would take if Geneva Video received a report that included Flexible Spending Account (FSA) enrollment data for other ADP clients.
What is the action of reporting the incident to a manager and GSO?
Short-term Disability, Long-term Disability, Worker’s Compensation, Family Medical Leave Act, Life Insurance and Sick Leave are all examples of this.
What are plans NOT subject to HIPAA?
The action you take when a caller asks about an HSA balance but their name does not display on the account.
What is the authentication/identification process?
The two actions that would be required if a group health plan provider requests all communications between ADP and Alex regarding a COBRA account.
What situation are these two action items used in: asking Alex directly for disclosure authorization or obtaining written disclosure authorization?
The two steps you should take if you accidentally come across another employee's confidential information.
What is the action of reporting the incident to a manager and GSO?
Medical, Dental, Vision, Employee Assistance Program, and Spending Accounts are all examples of this.
What are plans subject to HIPAA?
This rule provides standards for the enforcement of the Administrative Simplification Rule.
What is the Enforcement Rule?
The two main goals of HIPAA.
What are Accountability and Portability?
This rule protects all individually identifiable information held or transmitted by a covered business associate in any media form (electronic, oral and paper). It also helps to ensure PHI is only accessed on a need-to-know basis.
What is the Privacy Rule?
This rule sets the national standards for protecting confidentiality, integrity, and availability of electronic protected health information.
What is the Security Rule?
This happens when data may have been improperly accessed, used, disclosed, modified or destroyed. It could also happen when information systems are interfered with or there has been a compromise to the confidentiality, availability and integrity of PHI.
What is a security incident?
This rule strengthens the privacy and security protections for health information established under HIPAA.
What is the Omnibus Rule?
This enables health coverage to continue in the event of job change or loss. It also limits exclusions for pre-existing medical conditions.
What is Portability?
This term describes something that helps to battle fraud, abuse, and waste of resources in health insurance reporting and processing.
What is Accountability?
Fines, civil and criminal penalties, including imprisonment, are all examples of this.
What are the consequences of a HIPAA violation?
Social security number, date of birth, and account number are all examples of this.
What is individually identifiable data?
This rule requires covered entities and their business associates to notify the HHS Secretary, individuals, and in some cases, the media regarding breaches of unsecured protected health information.
What is the Breach Notification Rule?