Form Center

2. HIPAA Training Video and Quiz

   Click play on the video below:

4. Electronic Signature Agreement*

   This is to certify that I have viewed and understand the Madison County HIPAA training presentation. I agree to comply with the HIPAA Privacy Rule and related policies and procedures, applicable to my position. This will be expected as part of my continued association. I understand that I must report any instances of possible violations of HIPAA, laws, regulations, and policies and procedures to Madison County's HIPAA Privacy Officer. I understand that my failure to comply with HIPAA, laws, regulations, and policies and procedures or to report possible violations may result in disciplinary action. Should I have any questions I will direct them to the Privacy Officer, Security Officer, Compliance Officer or my supervisor.

   Submission of this form is your legally binding acknowledgement that you have viewed the training presentation.

   1. I agree.
6. First Name*
7. Last Name*
8. Department*
10. Post-Training Quiz (Required)

    Upon completion of the training video, you must answer the below 15 quiz questions to test your knowledge of the HIPAA Privacy and Security Rules.  You must score 80% to pass the course.

12. 1. What does PHI stand for?*

    1. Patient Health Insurance
    2. Protected Health Information
    3. Privacy Health Information
    4. Personal Health Information
14. 2. What kind of protected health information is covered by HIPAA?*

    1. Electronic
    2. Paper
    3. Verbal
    4. All of the above
16. 3. The HIPAA Privacy Rule was not designed to create a barrier to health care and permits providers to use, share and disclose information for the purpose of treating clients, obtaining reimbursement for services and for health care operations.*

    1. True
    2. False
18. 4. A patient has the right to: (select all that apply)*

    1. Request a copy of their medical record
    2. Be provided with a list of disclosures for the past years
    3. Restrict uses and disclosures of their information
    4. Request the County communicate in ways to protect their privacy.
    5. Receive a paper copy of the Notice of Privacy Practices.
    6. Change or amend information they believe to be incorrect in their medical record.
20. 5. Under HIPAA, it is permitted to access patient health files out of curiosity:*

    1. If you keep it to yourself
    2. Under no circumstances -- it is a HIPAA breach that could get you fired
    3. If you know the patient very well
    4. If the patient's family was asking about it
22. 6. An example of a Business Associate of a HIPAA covered entity is:*

    1. An answering service
    2. A contractor providing IT services and support
    3. Collection and billing vendors
    4. Shredding services
    5. Electronic Health Record vendor
    6. All of the above
24. 7. Madison County is permitted to use or disclose protected health information without the patient’s written authorization for treatment, payment, and operations.*

    1. True
    2. False
26. 8. If an employee perceives a PHI "privacy incident" that could result in a data breach, they are required to notify the Privacy Officer.*

    1. True
    2. False
28. 9. A violation of the HIPAA laws can include a fine of $50,000 and up to one year in jail.*

    1. True
    2. False
30. 10. Under the HIPAA Security Rule, covered entities must do which of the following?*

    1. Ensure the confidentially, integrity, and availability of all electronic protected health information
    2. Protect against anticipated impermissible uses or disclosures
    3. Detect and safeguard against anticipated threats to the security of the information
    4. All of the above
32. 11. What is a breach?*

    1. An employee fails to maintain confidentiality by discussing patient health information on social media
    2. Lab results are sent to the wrong patient or recipient
    3. A laptop or Smartphone containing electronic PHI is lost or stolen –and the device is not encrypted
    4. A computer hacker gains access to systems that contain PHI
    5. All of the above
    6. None of the above
34. 12. Copies of patient information may be disposed of in any garbage can.*

    1. True
    2. False
36. 13. Computer security is:*

    1. A purely technical function
    2. Exclusively the responsibility of the user
    3. A combination of technical and user security measures and vigilance
    4. Is not covered by HIPAA regulations
38. 14. My responsibility under HIPAA includes:*

    1. Handling PHI as if it were my own
    2. Disposing of scrap paper and other documents with PHI by shredding or confidential disposal
    3. Accessing PHI, only the minimum necessary, to do my job
    4. Discussing potential violations or any HIPAA concerns with my supervisor, manager or the designated Privacy or Security Officer.
    5. All of the above
40. 15. If you need to report a HIPAA concern or violation, which of the following can you do?*

    1. Contact my supervisor or manager
    2. Contact the Privacy Officer
    3. Contact the Security Officer
    4. Contact the Compliance Officer
    5. All of the above
Leave This Blank:


42. 1. Receive an email copy of this form.
43. Email address

    This field is not part of the form submission.

44. Submit

* indicates a required field