HIPAA and Privacy Act Training – 1.5 hrs – Pre-Test Answers – 2026 – Study and
Compliance Guide
Under HIPAA, a covered entity (CE) is defined as: - correct answer ✔✔ All of the above
HIPAA allows the use and disclosure of PHI for treatment, payment, and health care operations
(TPO) without the patient's consent or authorization. - correct answer ✔✔ True
The minimum necessary standard: - correct answer ✔✔ All of the above
Which of the following is NOT electronic PHI (ePHI)? - correct answer ✔✔ Health information
stored on paper in a file cabinet
Which of the following statements about the HIPAA Security Rule are true? - correct answer
✔✔ All of the above
Administrative safeguards are: - correct answer ✔✔ Administrative actions, and policies and
procedures that are used to manage the selection, development, implementation and
maintenance of security measures to protect electronic PHI (ePHI). These safeguards also
outline how to manage the conduct of the workforce in relation to the protection of ePHI
Physical safeguards are: - correct answer ✔✔ Physical measures, including policies and
procedures that are used to protect electronic information systems and related buildings and
equipment, from natural and environmental hazards, and unauthorized intrusion
Technical safeguards are: - correct answer ✔✔ Information technology and the associated
policies and procedures that are used to protect and control access to ePHI
Compliance Guide
Under HIPAA, a covered entity (CE) is defined as: - correct answer ✔✔ All of the above
HIPAA allows the use and disclosure of PHI for treatment, payment, and health care operations
(TPO) without the patient's consent or authorization. - correct answer ✔✔ True
The minimum necessary standard: - correct answer ✔✔ All of the above
Which of the following is NOT electronic PHI (ePHI)? - correct answer ✔✔ Health information
stored on paper in a file cabinet
Which of the following statements about the HIPAA Security Rule are true? - correct answer
✔✔ All of the above
Administrative safeguards are: - correct answer ✔✔ Administrative actions, and policies and
procedures that are used to manage the selection, development, implementation and
maintenance of security measures to protect electronic PHI (ePHI). These safeguards also
outline how to manage the conduct of the workforce in relation to the protection of ePHI
Physical safeguards are: - correct answer ✔✔ Physical measures, including policies and
procedures that are used to protect electronic information systems and related buildings and
equipment, from natural and environmental hazards, and unauthorized intrusion
Technical safeguards are: - correct answer ✔✔ Information technology and the associated
policies and procedures that are used to protect and control access to ePHI
