Why Are Privacy And Information Security Necessary
31 community-sourced questions and answers. Free — no login.
What is a Covered Entity(CE)?
•Any healthcare organization, including healthcare providers, healthcare plans, and public health authorities
What does the term "PHI" stand for?
•Protected Health Information
A Facility is defined as :
•Physical premises and interior or exterior of a building
Software that is designed to cause damage is called:
•Malicious Software
Employees and contractors of the Army as well as Soldiers with access to Soldier health records are covered by the law.
•TRUE
The Health Insurance Portability and Accountability Act of 1996 is aimed at ensuring the portability of health Insurance for individuals.
•TRUE
For obtaining health information under false pretenses, you could face fines of up to $100,000 and/or five years in prison.
•TRUE
The minimum personal fine per day per occurrence for non compliance with HIPAA is
•100
Business associates working on behalf of a CE are required to have a HIPAA certificate.
•TRUE
PHI refers to only health information that is stored electronically.
•FALSE
Why are Privacy and Information Security necessary?
•An abundance of information is collected, used, processed and shared in the Health Care Industry
Dentists and Dental Techs who are contracted by the Army must comply with HIPAA
•TRUE
Employees, volunteers, trainees and other persons whose conduct in the performance of work is under the direct control of a CE (covered entity) are defined as
•Workforce
A HIPAA certificate expires:
•One year from the date it is created
The primary goal of the HIPAA law is:
•To make it easier for people to keep health insurance and to help the industry control administrative costs.
A health plan is considered a covered entity (CE)?
•TRUE
You can be fined on a personal basis for HIPAA violations.
•TRUE
Pick the two rules of HIPAA designed to protect a Soldier's individually identifiable medical information from loss or accidental disclosure.
•Privacy •Security
Disclosure is defined as: The release, transfer, provision of access to, or divulging of information outside the entity holding the information.
•TRUE
PHI can include data such as a doctor's appointment slip.
•TRUE
You can be fined up to $250,000 and ten years in prison from using health information for malicious harm.
•TRUE
The Privacy Rule gives all of these rights to Soldiers except?
•To request the names, companies, and phone numbers of individuals that have accessed his/her medical record
Which of these are the military exemptions?(Choose the BEST answer.)
•All of the above
During a medical emergency a restricted medical record is available
•TRUE
The medical record access report will list the date, description of information provided, and reason.
•TRUE
All of these standards apply to the Privacy Rule except.
•How PHI is used to treat a hospitalized Soldier
Select the two requirements listed below that must be satisfied for information to be considered "individually identifiable".
•The information pertains to health information •It contains something that can identify the individual such as a name, number, or address
Coordinating/providing sick call, routine and emergency care, quarters, and health care from civilian providers are the only Military Privacy Rule exceptions.
•FALSE
Access to a Soldier's medical record can be denied.
•TRUE
If a Soldier's record contains psychotherapy notes, a request to review their medical record can be denied.
•TRUE
A Soldier can request a copy of his/her medical records
•TRUE
Looking for a different version?
CBTs get updated every year. Search for the exact version you're taking (e.g. "cyber awareness 2025").
Search all study materials