PCS staff may discuss a person being served over the phone with another ________ but it must be done in a private area.
____________ with others about persons served in public areas is prohibited
An annual _________ is an example of PHI
One of the five HIPAA principles
Staff may converse about persons being served as needed to _________ programs and health plans
You will receive ________ upon hire and annually thereafter.
The "I" in HIPAA stands for __________
The ____________ policy is signed upon hire and pertains to privacy and communication safeguards
The second "A" in HIPAA stands for __________
When _____ are about persons being served, they are not to be left in plain sight for others that have no "need to know".
Staff will have ______ access to health information of a person being served
HIPAA reduces the occurance of __________.
The first "A" in HIPAA stands for _________
The Privacy Officer is located in __________
HIPAA defines and protects _________
The "P" in PHI stands for ________
The medical ______ of a person being served is an example of a designated record set.
The "H" in HIPAA stands for _________
Any requests for disclosures of PHI must be forwarded to your ___________
The "I" in PHI stands for ________-
A _________ _______ includes any item, collection, or grouping of information that includes PHI and is collected or used by a provider
Staff that violate HIPAA policies will be __________
Anytime a person feels a violation of their privacy rights has occurred, they have the right to file a grievance with the ________ ________
The "P" in HIPAA stands for _________
It is staff's responsibility to keep information __________
When discussing a person being served, you should move to a ________ area
We should avoid discussing persons served in ________
We use ______ in order to keep charts inaccessible to people who do not have "need to know" about PHI
Wrongs against person, property, society
Relationships between people, protection of person's rights
Wrongful act that do not involve a contract
First component of a contract
Third component of a contract
Contracted parties must be free of _______________ disability.
________________ and Agent
The type of consent needed to release medical information
Health Care Records are ________________________.
Health Insurance Portability and Accountability Act
Health care workers must protect privacy and _________________ of patients health care records
Principles dealing with what is morally right or wrong
Standards for _______________ of Individually Identifiable Health Information
conforming to a rule i.e. policy, standard or law
moral principles and values that guide a person
guideline of ethical practices that Catholic Charities expects of its employees
unacceptable or improper behavior by an employee
Law/Regulations to protect the privacy of health information
Misconduct must be immediately.....
sitauation in which a person is in a position to derive personal benefit from decisions made in their official capcity
all potential conflicts of interest need to be....
the policy that protects an employee who makes a "good faith" report of misconduct
Catholic Charities Human Resource Director
any information about an individual kept by an organization, including data that can be used to trace the person's identity
One of the core values
Amount of information needed to accomplish a task (2 wrds)
Person with access to the system
Person or organization that maintains, creates, transfers, or receives PHI to perform a function on behalf of HRHS (2 wrds)
When PHI is exposed we have committed a ___ of the patient's privacy
Document describes a patients rights to their health information
One of the core values
The release, transfer, access to or divulging of patient information
Immediate areas consisting of a desktop, laptop and other items to complete work
Method used to protect electronic data
One of the core values
Employees, volunteers, students/observers who represent the facility are members of the __
A state of NOT protecting PHI
HRHS strives to protect the ____ of its patients
Confidential measure used to protect systems made up of a string of characters
A state of protected PHI from unauthorized users
Protected Health Information
Person who is the subject of PHI
One of the core values
Management of healthcare services to an individual
Committee responsible for reviewing internal HIPAA concerns, policies and procedures
One of the core values
RELEASE OF INFORMATION
What act was passed in congress to protect individual's medical records and other personal health information
Who is one person you can report a suspected breach to?
Is it ok, to discuss health information with an individual in an open area?
How should you send an email to outside recipients that contain protected health information?
What HIPAA rule protects individual rights?
What is the acronym that identifies individual's information (ie: name, birthdate, address, etc.)?
What is HIPAA's minimum training requirement for employees?
Acronym for a document you receive from the physician office, which explains how they may use and share your health information
What should you never share with another individual that is used to access systems?
How many days do you have to send a breach notification letter to individual(s), whose information was compromised?
Information contained within the consumer record will not be _________ withoug a signed Release of Information form.
The _____________ retains the right to refuse authorization for the release of identifying information.
Prior to scheduling any _____________ the designate will ensure a release of information is obtained.
The release of personal identifying and _____________ information is subject to federal and state laws.
Releases are updated ___________.
There are _____________ for HIPAA violations.
As a part of our care, we keep consumer's ___________ about their health confidential.
HIPAA stands for the Health _____________ Portability and Accountability Act of 1996.
Even _________ is private, consumer information stored on paper should never be thrown into an open _______ container.
As an __________ it is your duty to help maintain privacy for consumers.
We must tell consumers how their information is being used and to whom it is being _______________.
I can not take _______________ inside the Hospital.
What do the initials ePHI stand for electronically Protected Health _________ ?
Abbreviation for the Health Insurance Portability and Accountability Act of 1996?
Every patient has the right to ___________ with their medical treatment and conditions.
By law hospitals must train annually on HIPAA ____________.
Hospitals have ___________ and procedures to meet Federal HIPAA rules and regulations.
HIPAA security and privacy applies to everyone ______ in the facility.
HIPAA is governed by _____ and Human Services?
HIPAA was created with _____ standards for all patients.
Accessible __________ Health Information (PHI) is limited to only that information needed for performance of services.
Personally identifiable health information is protected by HIPAA includes photographic, electronic, spoken word and ______?
I may not post any identifiable information on______?
All information regarding patients must stay confidential. I can not even tell my friends or ____.
I may not share my computer log-in _____ with anyone.
These need to be strong enough that others won't guess them
Keep it _________ and Secure
When clicking on a suspicious link in an email you could be caught ____________
If you suspect a privacy or security breach, you must report it ______________
This type of agreement is needed when a vendor needs to access PHI to do work on our behalf
This is used to access Partners information remotely
Privacy and Security Regulations
Before stepping away from your computer, always click on the yellow ___________ so no one else can access your information
Report a lost device immediately by contacting the
When this is installed on your computer, it can lead to spreading a virus across the network
When travelling with a laptop in your vehicle, always keep it in the ___________
Where not to keep your laptop or other work information when travelling in a car
Name of the repository for Partners Policies
What is the name of the Partners Chief Information Security and Privacy Officer?
Even accessing patient _________ in Epic, without a business need to know is a violation of policy
Covered Transactions (eligibility, enrollment, health care claims, payment, etc.) performed electronically.
Provides for electronic and physical security of a resident's health information.
Upon discovering a breach, Business Associates are required to notify the HIPAA Officer or Executive Director of the nature of the potential breach and whose PHI may have been improperly __________, ____________, used or disclosed.
Who has to follow HIPAA Law?
A ______________________ is sufficient when emailing and faxing PHI under HIPAA Security standards.
All client records should be destroyed by ______________.
The Provider's Right to Notice of Privacy Practices teaches clients and their families about ________ under HIPAA.
Can I be in social media (Facebook, Twitter, Snapchat, etc.) contact with my clients.
HIPAA states I can disclose PHI for ________________ or _______________ for services with an authorization to release.
Under HIPAA, the __________ rule only covers electronic PHI, while the Privacy Rule covers electronic, oral, and paper forms of PHI.
It protects patiets demographic information
there are this many provisions for hipaa
physicians,insurance carriers and clearinghouses are this
Someone who works for a covered entity is called this
PHI stands for
This must be signed before PHI is given to another doctor
This agency investigates fraud and abuse cases
when you intentionally submit false information
This person turn in someone whoi is commiting fraud
This rule provide regulation related to electronic transactions
This is a type of PHI
Information that does not need consent to be discolsed is call
Health Information portability and accountablility act
the privacy rule and the ________ rule