Which act governs patient privacy and the sharing of patient information?
A. The Drug Privacy Act of 1972
B. The Food, Drug, and Cosmetic Act of
... [Show More] 1938
C. The Omnibus Budget Reconciliation Act of 1990
D. The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
D
According to HIPAA, when you use and disclose only the amount of protected patient information you need, it is known as:
A. Abbreviated information rule
B. Abundant information rule
C. Maximum necessary rule
D. Minimum necessary rule
D
What should you tell a patient who is requesting a copy of her prescription records?
A. You're sorry, but you cant giver her a copy
B. You can only hand her a list of current medications
C. You ask her if she'd like a printout or to get them electronically, and explain the risk of sending the unencrypted health information via email
D. You ask her for her email address and promise to send them before the end of the day
C
What does the HIPAA Security Rule do?
A. it identifies who should have access to PHI
B. It provides rules for ePHI through computers, but not smartphones and other mobile devices
C. It's designed to keep patients from gaining access to their medical records
D. It's designed to ensure that only authorized personnel have access to ePHI
D
Which is a technical safeguard?
A. Tracking the use of electronic PHI
B. Logging off a computer before stepping away
C. Having a policy and procedure for preventing breaches
D. Firewalls and antivirus software
D
What is an administrative safeguard?
A. A security screen on a computer to prevent viewing by others
B. Ensuring that ePHI access is only available to those who need access for their job
C. Encryption
D. Having a unique identifier for each user so their computer activity can be tracked
B
What is a physical safeguard?
A. Monitoring and testing how well security is maintained
B. Using a password-protected screensaver
C. Tracking to ensure that ePHI isn't used inappropriately
D. Having a plan to preserve ePHI in case of a fire of natural disaster
B
What is an appropriate step to maintaining HIPAA security with passwords?
A. Changing an exposed password only if it is exposed to someone you don't know or trust
B. Reporting to management only if you are sure your log in was used by someone else
C. Choosing a simple password so it is easy to remember
D. Changing your password every 45 to 90 days even if it doesn't expire sooner
D
Which is an accurate statement about breach notifications?
A. You have to notify affected individuals within 60 days of identifying a breach
B. Media outlets must be notified only if a breach involves more than 10,000 individuals
C. You don't need to do anything until there is proof that actual harm occurred
D. A toll-free number must be available only if more than 1000 people affected can't be reached
A
What is an appropriate action when dealing with electronic personal health information?
A. Opening suspicious files that end in .exe, .com, etc so you can report them if they contain PHI
B. Sharing your password to ePHI with a coworker as long as they are authorized
C. Encrypting ePHI if it is stored on your personal device
D. Sending confidential information without de-identifying it if your company security system exceeds minimum requirements
C
What can be done to an employee for failure to follow security policies and procedures?
A. a remedial work plan can be implemented, even if no breach occurs
B. Disciplinary action as determined by HIPAA for security breaches
C. Nothing, if a breach did not occur when an employee fails to follow security policy
D. Firing someone for not following procedures only if it results in monetary damage
A
Tess wanted to add some notes to patient pharmacy profiles during lunch. Without approval, she took a work laptop to a crowded cafe, but she was not aware that an individual seated in the chair behind her was reading all of the information on her laptop. The individual knew Tess' patients and confronted them. What is most likely to happen to Tess?
A. Tess won't be penalized, she did not intend for anyone to see the PHI
B. Tess could face up to 10 years in prison
C. Tess could be disciplined for her actions
D. Tess will be fined a minimum of $75,000
C
According to the definition of pharmacy technician, the primary role of a pharmacy technician is to
A. Administer flu shots
B. Assist pharmacist in dispensing prescriptions
C. Counsel patients
D. Bill insurance companies for medical and prescription claims
B
According to most state laws, pharm techs are allowed to
A. Counsel patients
B. Order medications from the pharmacy's wholesaler
C. Work in the pharmacy when a pharmacist isn't present
D. Take new prescriptions from a prescriber over the phone
B
What's the purpose of obtaining a patient's allergy information?
A. Alert the insurance
B. Review for interactions
C. Override drug interactions
D. Final check of the prescriptions
B
In which pharmacy technician is it common for a patient to drop off a prescription?
A. Inpatient
B. Community
C. Long Term Care
D. Nuclear
B [Show Less]