XLEMR � HIPAA and HITECH Security Requirements?

Simplicity Mobility Efficiency

XLEMR Basic Backup Solutions Integrated Billing E-Prescribe Fax Server Lab Interfaces RADAR Bulk Scaning Document Solutions PHR Card PACS System HIPAA Assessment

Our Commitment XLEMR Difference Testimonials Notes Quiz Calculate ROI Business Partners HIPAA Quiz

FAQ Features and Benefits Do I Need an EHR Learn about EHRs Meaningful Use Reqs Stimulus Payments

E-Prescribe Demo XLEMR Demo

Just about everyone has heard of HIPAA, but how well do you really know the law? Are you familiar with how the HITECH Act has amended HIPAA law? Does your practice have a plan for compliance? Please spend a few minutes to take our brief quiz to test your knowledge and compliance level.

What does HIPAA stand for?

Health Information Protection and Accountability Act

Health Interest Provision for Availability Act

Health Insurance Protection and Availability Act

Health Insurance Portability and Accountability Act

HIPAA uses the term "covered entity." Which of the following might be covered entities?

Hospitals

Independent clinics and practices

Business associates that process health information

All of the above

HIPAA has two main parts: The Privacy Rule and the Security Rule. What is the main goal of the Privacy Rule?

According to the privacy rule, covered entities must disclose information when requested by a patient, or to HHS in compliance with investigation, review, or enforcement action.

True

False

According to the privacy rule, covered entities are permitted to use PHI without patient's authorization for certain purposes. Which of these is NOT permitted without the patient's permission?

Use for treatment

Use for payment

Use for public benefit

Use for marketing

What is the main goal of the Security Rule?

The security rule calls for three types of safeguards. What are they?

, , and

According to the Security Rule, a covered entity's employees and staff should have access to health data according to what principle?

The HIPAA Security Rule and HITECH Interim Final Rule for meaningful use stage one have one requirement in common. What is it?

Disaster Recovery Plan

Use of Firewalls

Conduct a Risk Assessment

Passwords Expiration & Rotation Rule

The Security Rule requires practices to have a disaster recovery plan. Please list a few things that should be included in a disaster recovery plan.

The Security Rule requires security education and training programs for a covered entity's employees and staff.

True

False

HITECH Interim Final Rule for meaningful use stage one requires full HIPAA Security Rule compliance.

True

False

According to the HITECH amendments, who may NOT sue covered entities for violating HIPAA?

Department of Health and Human Services Office of Civil Rights

State Attorney Generals

Delegates of the State Attorney General

Patients suffering from identity theft due to HIPAA violations

According to the HITECH Amendments to HIPAA, HHS may impose fines up to $250,000 with repeat violations up to $1.5 Million imposed for "willful neglect."

True

False

We hope this quiz has caused you to think about your knowledge of HIPAA and the compliance level of your practice. Please take a couple of minutes to tell us about yourself.

Name:

Phone:

Email:

Profession: Healthcare Provider Practice Manager Medical Office Staff Patient Other

Please have one of your security consultants contact me to schedule a free HIPAA security consultation and discuss your answers.

Yes

Please solve the captcha below to submit your answers.