Test your HIPAA Knowledge! The Business Associate Agreement is required when someone your office does business with has access to client medical information. That agreement: A. Has no specific language that is required although there are some recommendations B. Does not require any specific language or points C. Requires the use of specific elements D. Protects the Business Associate from the improper use of Protected Health Information. A Chain of Trust Agreement involves: A. All the surrounding offices at your location B. All your Business Associates C. Business Associates of your Business Associates D. Any one that has access to PHI Does your office have a records privacy policy posted where patients can easily read it? A. Yes B. No C. I have no idea The HIPAA Privacy regulations went into effect on: A. April 14, 2000 B. April 14, 2001 C. April 14, 2002 D. April 14, 2003 PHI stands for: A. Personal Health Information B. Protected Health Information C. Private Health Information D. None of the above PHI is defined as: A. Any information that can be used to identify the medical provider B. Information that has been de-identified C. 19 identifiers that can be used to identify a patient D. The social security number and email address of a patient A consent form must be signed by each patient the first time they visit the office after you begin the HIPAA compliance process. A. True B. False The purpose of a Privacy Officer in a health care firm is to: A. To keep the health care firm secrets B. Provide one contact person for patients C. Read the HIPAA manuals D. Learn how to keep the records safe The Privacy Notice must: A. Be posted in a plainly visible location in the office B. Explain the patient's rights C. Provide contact information for the Office of Civil Rights D. A, B, and C E. None of the above Does your office have a disaster recovery plan? A. That means calling the insurance company, right? B. Yes C. No D. I don't know