CHPC Exam Latest Update
Questions & Answers with Rationales| 100%
Correct | Grade.
A business associate has contacted an organization's privacy officer to alert him that some of the patient
information that they hold in relation to the BAA may have been breached.
An employee took a laptop that contained patient information from several vendors and misplaced it at
an airport. They are not 100% sure that information from the organization was on the laptop. Which of
the following is the MOST appropriate response by the privacy officer?
A. Rely on the business associate to conduct any needed notifications.
B. Notify each individual whose PHI has been possibly disclosed.
C. Determine if the breach involved more than 500 individuals.
D. Assure that all notifications occur no later than 90 days after discovery.
Answ >C. Determine if the breach involved more than 500 individuals.
Quiz A new privacy officer is reviewing an organization's current policy on patient requests for
amendments. Which of the following is the MOST critical to the evaluation process?
A. effective and revision dates of the policy
B. accurate description of the regulatory requirements
C. nature of complaints related to the policy
D. description of the form letters used to respond to requests
, Answ >B. accurate description of the regulatory requirements
Quiz A physician employee is working at a satellite office on Tuesday. On Monday, he takes a laptop
home so he can go straight to the satellite office the next morning. What is the best practice to secure
the laptop overnight?
a. Lock it in the trunk of the car
b. Cover it up with something and lock it inside the car
c. Leave it in the car, but pull inside the garage
d. Take it inside and keep it in a secure location
Answ >d. Take it inside and keep it in a secure location
Quiz A physician office employee sees her neighbor at the office. It is acceptable for the employee to
mention to another friend that she saw the patient at the doctor's office, as long as the employee did
not mention why the patient was there. a. True b. False
Answ >b. False
Quiz A staff member needs to leave a HIPAA compliant message on a voicemail or with someone else.
Which of the following is not an acceptable practice when contacting patients via phone?
a. Following the minimum necessary standard when leaving a message with whoever answers the phone
b. Leaving detailed PHI on a voicemail without having the patient's permission c. Leaving the minimum
amount of information needed: name, number, and practice or physician name
d. Leaving a detailed message, if the patient has given permission to do so
Answ >b. Leaving detailed PHI on a voicemail without having the patient's permission
Quiz As part of due diligence on Business
Questions & Answers with Rationales| 100%
Correct | Grade.
A business associate has contacted an organization's privacy officer to alert him that some of the patient
information that they hold in relation to the BAA may have been breached.
An employee took a laptop that contained patient information from several vendors and misplaced it at
an airport. They are not 100% sure that information from the organization was on the laptop. Which of
the following is the MOST appropriate response by the privacy officer?
A. Rely on the business associate to conduct any needed notifications.
B. Notify each individual whose PHI has been possibly disclosed.
C. Determine if the breach involved more than 500 individuals.
D. Assure that all notifications occur no later than 90 days after discovery.
Answ >C. Determine if the breach involved more than 500 individuals.
Quiz A new privacy officer is reviewing an organization's current policy on patient requests for
amendments. Which of the following is the MOST critical to the evaluation process?
A. effective and revision dates of the policy
B. accurate description of the regulatory requirements
C. nature of complaints related to the policy
D. description of the form letters used to respond to requests
, Answ >B. accurate description of the regulatory requirements
Quiz A physician employee is working at a satellite office on Tuesday. On Monday, he takes a laptop
home so he can go straight to the satellite office the next morning. What is the best practice to secure
the laptop overnight?
a. Lock it in the trunk of the car
b. Cover it up with something and lock it inside the car
c. Leave it in the car, but pull inside the garage
d. Take it inside and keep it in a secure location
Answ >d. Take it inside and keep it in a secure location
Quiz A physician office employee sees her neighbor at the office. It is acceptable for the employee to
mention to another friend that she saw the patient at the doctor's office, as long as the employee did
not mention why the patient was there. a. True b. False
Answ >b. False
Quiz A staff member needs to leave a HIPAA compliant message on a voicemail or with someone else.
Which of the following is not an acceptable practice when contacting patients via phone?
a. Following the minimum necessary standard when leaving a message with whoever answers the phone
b. Leaving detailed PHI on a voicemail without having the patient's permission c. Leaving the minimum
amount of information needed: name, number, and practice or physician name
d. Leaving a detailed message, if the patient has given permission to do so
Answ >b. Leaving detailed PHI on a voicemail without having the patient's permission
Quiz As part of due diligence on Business
