HIPAA Security 2022
What should you tell a patient who is requesting a copy of all prescriptions filled over the
past year? - Answer I can send you this via email if that's what you prefer, but it's risky.
What does the HIPAA Security Rule cover? - Answer Requirements to ensure only
authorized individuals access ePHI
Which action would be considered a technical safeguard? - Answer Using encryption to
send secure emails
A new employee asks you for an example of an administrative safeguard. Which
example would be most appropriate? - Answer Having a Security Official for the
organization
What would be a physical safeguard that might be implemented to help protect ePHI? -
Answer Using a privacy screen to make sure computer screens aren't viewable by
others
How can you help protect your organization's electronic data? - Answer Don't use
computers that store or process ePHI for personal use.
What would be considered a best practice for password management? - Answer
Changing your password every 45 to 90 days
A breach that involves more than how many records must be reported to major media
outlets in the state or jurisdiction where the patients involved in the breach reside? -
Answer 500
What is an appropriate way of handling electronic protected health information? -
Answer Don't open email attachments with file names ending in .exe, .pif, .com, or.scr.
Which civil fine tier would categorize a violation involving not knowing that the HIPAA
Security Rule was violated, and by exercising due diligence, would not have known that
the Rule was violated? - Answer 1
What should you tell a patient who is requesting a copy of all prescriptions filled over the
past year? - Answer I can send you this via email if that's what you prefer, but it's risky.
What does the HIPAA Security Rule cover? - Answer Requirements to ensure only
authorized individuals access ePHI
Which action would be considered a technical safeguard? - Answer Using encryption to
send secure emails
A new employee asks you for an example of an administrative safeguard. Which
example would be most appropriate? - Answer Having a Security Official for the
organization
What would be a physical safeguard that might be implemented to help protect ePHI? -
Answer Using a privacy screen to make sure computer screens aren't viewable by
others
How can you help protect your organization's electronic data? - Answer Don't use
computers that store or process ePHI for personal use.
What would be considered a best practice for password management? - Answer
Changing your password every 45 to 90 days
A breach that involves more than how many records must be reported to major media
outlets in the state or jurisdiction where the patients involved in the breach reside? -
Answer 500
What is an appropriate way of handling electronic protected health information? -
Answer Don't open email attachments with file names ending in .exe, .pif, .com, or.scr.
Which civil fine tier would categorize a violation involving not knowing that the HIPAA
Security Rule was violated, and by exercising due diligence, would not have known that
the Rule was violated? - Answer 1
