Privacy
Why is the Privacy Rule needed?
It provides safeguards to protect the confidentiality of medical information.
188-Why is the HIPAA Privacy Rule needed | HHS.gov
What is one of the best practices recommended for security?
Encryption
A large number of data breaches result from the theft of unencrypted devices.
What Is HIPAA Security Rule and Privacy Rule? | Trellix
What is the Breach Notification Rule for?
It requires HIPAA entities and business associates to provide notice following a breach of unsecured PHI.
Breach Notification Rule | HHS.gov
Jamie decided to search her sister's name up in the health charts.
Is this a violation?
Yes! This is a violation of patient privacy.
The Most Common HIPAA Violations You Must Avoid - 2022 Update (hipaajournal.com)
When did congress pass HIPAA?
1996
THE HIPAA PRIVACY RULE: Answers to Frequently Asked Questions (aafp.org)
When is patient consent not required?
Routine uses or disclosures of medical info such as for treatment or billing reasons.
THE HIPAA PRIVACY RULE: Answers to Frequently Asked Questions (aafp.org)
What types of information should be kept secure?
Data moving through a network (e-mail)
Data that is kept in databases, servers, flash drives, etc.
Data that is in the process of being created, retrieved, updated, or deleted
Data that has been discarded
HIPAA: Security Rule: Frequently Asked Questions (asha.org)
What is unsecured PHI?
PHI that has not been rendered unusable, unreadable, or indecipherable to unauthorized persons through the use of a technology or methodology specified by the Secretary in guidance.
Breach Notification Rule | HHS.gov
John did not feel like reporting a potential risk because it was "no big deal."
Is this a violation?
Yes! Every risk should be reported.
The Most Common HIPAA Violations You Must Avoid - 2022 Update (hipaajournal.com)
What does HIPAA stand for?
Health Insurance Portability and Accountability Act
Summary of the HIPAA Privacy Rule | HHS.gov
Who is responsible for enforcing the Privacy Rule?
List two ways to keep information secure.
Encryption, training, read agreements, assess risk, etc.
5 Security Best Practices for Protecting Your HIPAA-Compliant Data (securitymetrics.com)
Who receives a breach notification?
Chris looked up a patient in the charts in order to assign them a bed. Is this a violation?
No. That is a work-related reason.
The Most Common HIPAA Violations You Must Avoid - 2022 Update (hipaajournal.com)
Who must comply with HIPAA?
Covered entities; anyone who stores/transmits individually identifiable HI electronically.
THE HIPAA PRIVACY RULE: Answers to Frequently Asked Questions (aafp.org)
The government can impose civil penalties for noncompliance ranging from ____ to ____.
What does the Security Rule do?
It ensures confidentiality, integrity, and availability of all electronic patient health information created, maintained, received, or transmitted.
What is the HIPAA Security Rule: Safeguards & Requirements (compliancy-group.com)
Who must be alerted when a data breach exposes 500+ people?
Office for Civil Rights (OCR)
What is the HIPAA breach notification rule? - HIPAA Guide
Karen finished entering PHI in the computer and threw the document in the trash. Is this a violation?
Yes! The document should go in the shredder.
The Most Common HIPAA Violations You Must Avoid - 2022 Update (hipaajournal.com)
What are the 3 main rules for HIPAA?
Privacy Rule, Security Rule, and Breach Notification Rule
HIPAA for Professionals | HHS.gov