Question: Which is NOT an appropriate method of notification regarding a covered entity’s electronic disclosure policy?
Answer: Mailing a notice to the consumer in an unmarked envelope.
Question: True or False: Using a card reader or scanner to obtain PHI carries a more severe penalty under HB 300 than credit card fraud.
Answer: False
Question: A covered entity may disclose PHI without authorization to:
Answer: Another covered entity for purpose of treatment, payment, health care operations, an insurance or HMO function.
Question: To which entity must the Attorney General report the number and types of complaints reported?
Answer: The Texas State Legislature
Question: When are the privacy and security standards for the electronic sharing of protected health information due to the Texas Health and Human Services Commision?
Answer: January 1, 2013
Question: The penalty for NOT taking responsible action to disclose a security breach of sensitive personal information is:
Answer: Not more than $100/individual for each day of inaction
Question: What is the timeframe for providing a consumer with an electronic copy once a written request is recieved?
Answer: No later than the 15th day
Question: The cost for a covered entity selling PHI to another covered entity:
Answer: Cannot exceed the cost of preparing and transmitting the data.
Question: True or False: The commission must send all civil penalities to the federal government.
Answer: False
Question: Which of the following are training requirements under HB 300?
Answer: Cover both state and federal law regarding PHI