Which of the following is a goal of the minimum necessary requirement under the
HIPAA Privacy Rule? - ✔✔Ensure that all workforce members have the
... [Show More] same access to
PHI within an organization.
A patient is checking in at the registration desk and overhears a conversation between
another patient and the billing specialist regarding a specific diagnosis that is not being
covered under the patient's insurance. This is an example of what type of disclosure? -
✔✔Incidental
Which of the following is the only scenario where breach notification can be delayed
past the 60-day notification requirement? - ✔✔When law enforcement requests a delay
due to open criminal investigation.
During a recent change in a computer system's access, an organization determined that
they were going to create role-based access defined on the need for each job type
within the organization. This is an example of application of which of the following: -
✔✔Minimum necessary
An organization just finished updating the minimum necessary policy and procedure.
The new policy took effect on February 12, 2016. How long do they have to maintain the
previous version of the policy? - ✔✔February 12, 2020
Which of the following is considered a patient's right under the HIPAA Privacy Rule? -
✔✔Accounting of disclosure (AOD)
How long does a covered entity have to respond to an accounting of disclosure
request? - ✔✔30 days with one 30 day extension.
A patient has requested three accounting-of-disclosures reports in the past month.
Which of the following statements is true regarding the accounting of disclosure? -
✔✔The CE is allowed to charge a reasonable, cost-based fee for the second and third
request for accounting disclosures and must inform the patient prior.
In the final HIPAA Omnibus Rule of 2013, which of the following was added to the
regulations regarding patient access? - ✔✔A patient has a right to receive his or her
designated record set electronically, if maintained electronically. [Show Less]