Like this study set? Create a free account to save it.

Sign up for an account

Already have a Quizlet account? .

Create an account

Privacy and Security of Health Records

What do the acronyms PHI and EPHI represent?

PHI - Protected Health Information; EPHI - Protected Health Information in Electronic Format

List the 3 criteria of an electronic signature.

1. message integrity - recipient must be able to confirm document has not been altered after signing
2. Non-repudiation - signer cannot deny signing
3. User Authentication - recipient must be able to confirm signature

Compare the differences between consent and authorization.

Authorization differs from consent in that authorization requires the patient's permission to disclose PHI. Signed consent is optional

Does a provider need the patient's consent to share PHI with an authorized government agency?


List the four components of the HIPAA Administrative Simplification Subsection.

1. Transactions and Code Sets
2. Uniform Identifiers
3. Privacy
4. Security

Which part of the regulation went into effect first?

Transactions and code sets

Which part of the regulation went into effect last?

Uniform identifiers

Business Associate Agreements apply to which components of the Administrative Simplification Subsection?

Privacy and Security

What department of the U.S. government enforces HIPAA?

Department of Health and Human Services (HHS)

List the 3 categories of the Security Rule

1. Administrative safeguards - security training
2. Physical safeguards - restricting access to EPHI; off-site computer back ups
3. Technical safeguards - automated process; authentication controls

Name the covered entities under HIPAA

healthcare providers, health plans, clearinghouses

Which components of the Administrative Simplification Subsection have employee training as one of the requirements?

Privacy and Security

List the requirements for the medical office privacy policy.

must be in plain language; describes how the entity may use and disclose PHI; explain individual's rights and how to exercise said rights; explain how the individual may complain to covered entity; describe covered entity's legal duties; provide information about whom individuals may contact for further information about policies

Name 3 of the technical safeguards

1. encryption/decryption
2. unique user identification
3. automatic log-off

Who may sign an authorization to release PHI?

the patient or the patient's personal representative

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions and try again


Reload the page to try again!


Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

Voice Recording