← All answer keys
Community QuestionSeen on 6 CBTs

A covered entity may use or disclose PHI without an authorization, or documentation of a waiver or an alteration of authorization, for all of the following EXCEPT:

Community-sourced. Answers may be wrong or out of date. Always verify with your official training portal before submitting. Not affiliated with any branch, agency, or vendor. Details.
Answer

An organizational IRB or Privacy Board, privacy official ("Privacy Officer"), or security official ("Security Officer"), depending on the issue.

Alternate answers seen on other CBTs

The same question shows up worded slightly differently across CBT versions. Here are the other answer variants we've indexed.

Data that does not cross state lines when disclosed by the covered entity.

Citi Hipaa Training

This question appears on

Citi Hipaa TrainingHipaa Authorization Has Which Of The Following CharacteristicsHipaa Recruiting Into ResearchThe Hipaa Minimum Necessary Standard AppliesThe Hipaa Minimum Necessary Standard Applies CitiUcla Hipaa Training