Quantum Units Education®

Entities Covered by the HIPAA Privacy Rule-What Health Plans Are Covered

1. Entities that are not considered health plans include each of the following EXCEPT:

Protected Health Information-What is Covered

2. Protected health information (PHI) includes individually identifiable health information that is transmitted or maintained in any form or medium by a covered entity or its business associate.

Uses and Disclosures of PHI-General Rule

3. In general, a covered entity may not use or disclose health information, except as permitted or required by Privacy Rule.

Treatment, Payment and Health Care Operations

4. Health Care Operations are administrative, financial, legal and ____________ activities necessary to run a business and to support core functions of treatment and payment.

Opportunity for Individual to Agree or Object

5. Individuals are allowed to prohibit the use or disclosure of name, location, general condition, and religious affiliation in facility directories, but the request must be made in writing.

Research-Relationship to Other Research Rules

6. For research purposes, The HIPAA Privacy Rule will always override the Common Rule or FDA's human subject protection regulations.

Minimum Necessary

7. Covered entities must make reasonable efforts to limit the uses, disclosures, and requests for PHI to the minimum amount necessary to accomplish the intended purpose.

Administrative Requirements

8. HIPAA regulations require employers to:

Compliance and Enforcement of the Privacy Rule

9. Which of the following is NOT one of the responsibilities of the Office of Civil Rights with respect to the Privacy Rule?

10. Privacy rule compliance complaints should be filed within 90 days of when the complainant knew or should have known that the act or omission occurred.