Peter Rifkind
Quiz by , created more than 1 year ago

Edited 3/2016

397
0
0
Peter Rifkind
Created by Peter Rifkind about 10 years ago
Close

Security and HIPAA Awareness Quiz

Question 1 of 15

1

Did you configure your anti-virus to scan automatically?

Select one of the following:

  • Yes!

  • No :(

Explanation

Question 2 of 15

1

Because UltraLinq is classified as a Business Associate, we are not required to comply with the Privacy Rule.

Select one of the following:

  • True
  • False

Explanation

Question 3 of 15

1

Which of the following are major tenets of HIPAA?

Select one of the following:

  • Protects the privacy of a patient's health information.

  • Provides for electronic and physical security of a patient's information.

  • Prevents healthcare fraud and abuse.

  • All of the above.

Explanation

Question 4 of 15

1

You received a CD containing some pirated software that you need. You should probably go ahead and install it, right?

Select one of the following:

  • Yes, I have a Mac.

  • Yes, I have appropriate security programs installed.

  • No, installing unlicensed software violates the terms set forth in the UltraLinq handbook.

  • No, my Macbook Air does not have an optical drive.

Explanation

Question 5 of 15

1

You decide to take some time to clean out your desk drawers. You come across some CDs with X-Ray exams that a client was nice enough to send us, and pitch them in the trash without destroying them. What else could you have done to VIOLATE our HIPAA policy?

Select one of the following:

  • Shred everything that contains PHI.

  • Apply a password to prevent unauthorized access to your operating system.

  • Conduct frequent virus scans.

  • Give a demo at a trade show using a live customers' patient data.

Explanation

Question 6 of 15

1

The "Security Rule" is comprised of three safeguards: Administrative, Physical and Technical.

Select one of the following:

  • True
  • False

Explanation

Question 7 of 15

1

A laptop has gone missing! You suspect it had a bunch of patient information on it, but can’t be sure. You know you are responsible for reporting any potential breaches immediately. What’s the best way to cover your butt?

Select one of the following:

  • Find the missing equipment.

  • Do nothing and play dumb about the missing equipment.

  • Write an e-mail and call Peter detailing what has happened.

  • Find a funny animated GIF and post it in Slack, along with an announcement the laptop is missing.

Explanation

Question 8 of 15

1

You are working from home because of the big storm. So you log into the UltraLinq website and you store your login information in your browser. That’s ok, right?

Select one of the following:

  • Yes, it’s my home computer. I do what I want.

  • No, it potentially allows access to PHI for people who should not access PHI.

Explanation

Question 9 of 15

1

A trial version of antivirus on your computer expired so you uninstalled it. Because you require a password to login to your operating system your computer is still secure.

Select one of the following:

  • True
  • False

Explanation

Question 10 of 15

1

Which policy does UltraLinq NOT employ to maintain HIPAA compliance?

Select one of the following:

  • Making all new users go through an authorization process by their account’s HIPAA Officer.

  • Requires all clients to sign a Business Associate Agreement prior to uploading.

  • Has a specific individual responsible for HIPAA compliance (Peter).

  • Publishing a HIPAA newsletter for our customers so they know we are compliant.

Explanation

Question 11 of 15

1

The penalties for a breach of PHI are the same regardless of severity and negligence.

Select one of the following:

  • True
  • False

Explanation

Question 12 of 15

1

In what ways did the HITECH Act affect Business Associates like UltraLinq? (Choose all that apply)

Select one or more of the following:

  • It made Business Associates have to do a lot more paperwork.

  • HITECH required that Business Associates get their products certified by an authorized certifier.

  • It gave State Attorneys General the option of bringing criminal charges against negligent offenders.

  • It required that Business Associates and Covered Entities have Business Associate agreements in place prior to exchanging PHI.

Explanation

Question 13 of 15

1

HIPAA has many different facets, and protecting patient data is UltraLinq's primary focus. There are two Rules in HIPAA that provide guidance on how Covered Entities and their Business Associates must protect patient data. What are those rules?

Select one or more of the following:

  • Privacy Rule

  • Patient Medical Health Record Rule

  • Security Rule

  • Healthcare Fraud Rule

Explanation

Question 14 of 15

1

While calling in to pay his bill, Vasant asks Brett to fax him a patient report. Because Client Service is busy playing darts; he decides to send the faxes. Which steps did Brett take to ensure all UltraLinq policies are followed? (Choose all that apply)

Select one or more of the following:

  • Documented the fax in Salesforce or Zendesk.

  • Shredded the report after faxing it.

  • Made sure to keep a copy of the report on his desk just in case Vasant wants another copy tomorrow.

  • Providing instructions for Vasant so he can create the report on his own next time.

Explanation

Question 15 of 15

1

Protected Health Information (PHI) is specific information that can be used to identify an individual all by itself; or information pertaining to an individuals medical care; or billing information. If you want to ANONYMIZE a report, which piece(s) of information can remain without disclosing PHI (Choose all that apply)?

Select one or more of the following:

  • Patient name

  • Patient weight

  • Type of exam done

  • Social Security Number

Explanation