" /> Posttest Answers
Here are the answers to the HIPAA 42 CFR Posttest
If you got 70% or greater on the posttest. Great, you passed! Hopefully you kept a copy of your answers as requested...
  1. What is the code given at the end of the evaluation? Not really a test question but rather an entrance to the test. I let people into the test regardless of the answer.
    The answer was 20110630code. If you missed this one did you stay until the last slide?

  2. You may disclose PHI to Law Enforcement without Authorization under...
    HIPAA is the correct answer.

  3. A subpoena served under HIPAA is sufficient and allows for disclosure of health records.
    That is true. HIPAA allow it. 42 CFR does not.

  4. When laws conflict, HIPAA is always the regulation to follow.
    False. You should follow the law that gives the client more access to their PHI and the rule that affords the client's records more privacy.

  5. Every healthcare provider is a Covered Entity.
    False. (The most common missed question. Congratulations to the 8 of 62 people who got this right!)

    Covered Entity is a HIPAA term and only those who do certain transactions, such as electronic billing, for instance, would fall under HIPAA. Private practitioners and agencies who are, for instance, cash only, do not need to follow HIPAA - yet.

  6. Under which rule is an individual's privacy more restricted for disclosure?
    Yes - 42 CFR part 2. Everyone got this right!

  7. All agencies that need to follow HIPAA will also need to follow 42 CFR Part 2.
    The answer is false. Not unless they are involved with substances.
  8. Which is a better answer regarding Marketing?
    Correct answer: There are very specific items that need to have written approval from a client before using a client's PHI for marketing.

    If you answered, "Your company's general clinical authorization form is usually legally sufficient for marketing.", Beware! A client MUST give special permission on the release form. (Unless you have every client sign for marketing purposes) You might putting your agency and yourself at the stiffest penalties HIPAA can throw, which has heavy monetary fines and up to 10 years in prison. Fortunately, only 4 got this one wrong, but that's 4 too many for this possibly life-changing question.
  9. Which is true?
    Health information includes past, present, and future information" is the correct answer.
  10. A subpoena is the same as an authorizing court order.
    No. Read 42 CFR part 2 for homework to keep yourself and your agency out of trouble.

  11. A car license plate would be not considered PHI.
    Vehicle license plates ARE considered PHI.

  12. All agencies that need to follow 42 CFR Part 2 will also need to follow HIPAA.
    Answer: Yes, if they do HIPAA related transactions. (The second most common missed question. Congratulations to the 14 of 62 people who got this right!)

    If a 42 CFR agency does not conduct "covered transactions" they do not need to follow HIPAA. For example, a substance treatment agency or personal provider that operates under a cash only basis. There are providers out there that do substance abuse treatment, but do not use the "covered transactions" of HIPAA.
  13. Emails are generally a safe way to send client information, especially if you are in the same building.
    False. Unless you are sure that your emails are encrypted, don't do it. However, EVERYONE got this right!



If you have any questions or comments, please email: randerson@lltraininginstitute.org.

One last thing. If you want to receive e-notifications about Life Link Training Institute's upcoming trainings go here:
http://www.lltraininginstitute.org/enotificationandcontacts/enotifications.html

We are having a PAMI training coming up on the first of August in Albuquerque in conjunction with UNM. Also there is a CRAFT Training coming up in Santa Fe on the 4-5th of August.