HIPAA and Privacy Act Training (CHALLENGE EXAM) (DHA-
US001)
(a) Select your current Job Position:
(b) Is this your first time taking the HIPAA and Privacy Act Training Course? ans: (a) Patient Services
(b) No, but I need annual training
In which of the following circumstances must an individual be given the opportunity to agree or object
to the use and disclosure of their PHI? ans: A and C
Which of the following statements about the HIPAA Security Rule are true? ans: All of the above
A covered entity (CE) must have an established complaint process. ans: True
The e-Government Act promotes the use of electronic government services by the public and improves
the use of information technology in the government. ans: True
When must a breach be reported to the U.S. Computer Emergency Readiness Team? ans: Within 1 hour
of discovery
Which of the following statements about the Privacy Act are true? ans: All of the above
What of the following are categories for punishing violations of federal health care laws? ans: All of the
above
Which of the following are common causes of breaches? ans: All of the above
Which of the following are fundamental objectives of information security? ans: All of the above
If an individual believes that a DoD covered entity (CE) is not complying with HIPAA, he or she may file a
complaint with the: ans: All of the above
Technical safeguards are: ans: Information technology and the associated policies and procedures that
are used to protect and control access to ePHI
A Privacy Impact Assessment (PIA) is an analysis of how information is handled: ans: All of the above
A breach as defined by the DoD is broader than a HIPAA breach (or breach defined by HHS). ans: True
Which of the following are breach prevention best practices? ans: All of the above
US001)
(a) Select your current Job Position:
(b) Is this your first time taking the HIPAA and Privacy Act Training Course? ans: (a) Patient Services
(b) No, but I need annual training
In which of the following circumstances must an individual be given the opportunity to agree or object
to the use and disclosure of their PHI? ans: A and C
Which of the following statements about the HIPAA Security Rule are true? ans: All of the above
A covered entity (CE) must have an established complaint process. ans: True
The e-Government Act promotes the use of electronic government services by the public and improves
the use of information technology in the government. ans: True
When must a breach be reported to the U.S. Computer Emergency Readiness Team? ans: Within 1 hour
of discovery
Which of the following statements about the Privacy Act are true? ans: All of the above
What of the following are categories for punishing violations of federal health care laws? ans: All of the
above
Which of the following are common causes of breaches? ans: All of the above
Which of the following are fundamental objectives of information security? ans: All of the above
If an individual believes that a DoD covered entity (CE) is not complying with HIPAA, he or she may file a
complaint with the: ans: All of the above
Technical safeguards are: ans: Information technology and the associated policies and procedures that
are used to protect and control access to ePHI
A Privacy Impact Assessment (PIA) is an analysis of how information is handled: ans: All of the above
A breach as defined by the DoD is broader than a HIPAA breach (or breach defined by HHS). ans: True
Which of the following are breach prevention best practices? ans: All of the above
