HIPAA Privacy Rule Overview

Questions and Answers

The HIPAA Privacy Rule protects a patient's fundamental right to privacy and confidentiality.

True (A)

You are considered a covered entity if you are a healthcare provider, health plan, or healthcare clearinghouse that transmits health information electronically.

True (A)

Protected Health Information (PHI) is anything that connects a patient to their health information.

True (A)

PHI includes all health information, except PHI in oral form.

False (B)

You are permitted to use/disclose PHI for treatment, payment, and healthcare operations.

True (A)

Authorization must be obtained for any use/disclosure of PHI for marketing purposes.

True (A)

The Privacy Rule gives patients the right to take action if their privacy is violated.

True (A)

After signing an authorization, the patient can revoke it.

True (A)

In general, disclosure of PHI must be limited to the least amount needed to get the job done.

True (A)

If you need help understanding the rules, the Department of Health and Human Services is required to provide assistance.

True (A)

Flashcards

HIPAA Privacy Rule

Protects patients' privacy and confidentiality of their health information.

Covered Entity

Healthcare providers, health plans, or clearinghouses that transmit health info electronically.

Protected Health Information (PHI)

Any information connecting a patient to their health.

Treatment, Payment, Healthcare Operations (TPO)

Legitimate uses for disclosing PHI.

Patient Authorization

Permission given by a patient for specific uses of their PHI.

Marketing PHI

Requires patient authorization.

Authorization Expiration

Patient authorization has an end date.

Revoking Authorization

Patient can change their mind and take back consent after signing.

Public Health Activities

Use of PHI without consent is possible in certain disease prevention scenarios.

Reporting Abuse

PHI can be disclosed, without patient consent, in cases of abuse.