Under Hipaa An Individual Has The Right To Request

Under HIPAA, the CE is obligated to provide a __________ for issues related to the protection of Health information.

Under HIPAA, the individual has the right to request to _______ his her health record.

Under HIPAA, the CE is obligated to _________ policies and procedures regarding access to medical records.

Under HIPAA, the individual has the right to ________ a copy of his or her health record.

Under HIPAA, the CE is obligated to ________ by the terms of the privacy notice.

Under HIPAA, and individual has the right to request communication by a way of _________ means.

Under HIPAA, the CE is obligated to take ________ steps to safeguard patient information.

Under HIPAA, the CE is obligated to _______ patients with a Notice of Privacy Practices. NPP

Under HIPAA, an individual has the right to ________ a paper copy of the Notice of Privacy Practices. NPP

Under HIPAA, the individual has the right to ________ specific uses and disclosures of PHI.

_________ authorizes the CE to disclose PHI to carry out TPO.

_________ is required before any PHI can be used for any purpose other than TPO.

__________ is the "reasonable standard" to "use" or "disclose" PHI.

Civil penalties of $____ to $_______.

Criminal penalties of as much as _________ in fines and ____ year in prison for CEs that knowingly obtain or disclose identifiable health information

Criminal penalties of as much as _________ in fines and ____ years in prison if an offense is committed under false pretenses

Criminal penalties of as much as _________ in fines and ____ years in prison if an offense is committed with the intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm

HITECH penalties for each violation of HIPAA can now exceed civil penalties for violating the __________ statue.

HITECH mandates much more enforcement by HHS, including compliance audits, and allows enforcement by _____________.

Under the Breech notification rules ce are required to submit _______ logs of protected health information (PHI) breached to the ___________.

HITECH - Congress provided that unless a violation is caused by willful neglect, penalties for the violation can be avoided by taking _________ within ___ days.

HIPAA AND ______ provides training for new employees and _________ to existing employees to ensure compliance.

Federal official who presides over a trial type of hearing and makes decisions to resolve a dispute

A change or action implemented to eliminate the cause of a detected nonconformity

Legal agreement between two parties that lays out the method and timetable for solving conflict between them

Time elapsed since the date of occurrence in which it is permissible to report a violation of the Privacy Rule

A CE's self -imposed actions to prevent or resolve violations of the Privacy Rule

Monies collected from the CE's in the form of fines assessed for Privacy Rule violations.

The entity required to investigate compliance with the Privacy Rule.

The OCR's audit or examination of a CE's policies and procedures carried out to determine whether the CE is adhering to the Privacy Rule

An action of revenge prohibited by the Privacy Rule against any individual filing a complaint.

No, the CE has an obligation to mitigate harmful effects of the violation

Yes

No

CE's 3 requirements:

The time a CE has to respond to requests to PHI IF the PHI is maintained OFF SITE.

The time a CE has to respond to request to PHI IF the PHI is maintained ON SITE.

HITECH

HITECH act 2 most important changes to:

HIPAA title one

HIPAA title two