HIPAA 1. HIPAA ONLY Even a remote information storage/clinical information back-up company is a Covered Entity Yes No None 2. HIPAA ONLY Breaches can involve 500 patients or less (small), or could be 500 patients or more (large) Yes No None 3. HIPAA ONLY Penalties for employees and the owner could be financial and criminal Yes No None 4. HIPAA ONLY HB 300 apllies only to Texas Yes No None 5. HIPAA ONLY You can give a pdf of the complete record to the patient if the patient asks for it Yes No None 6. HIPAA ONLY If you want to display a picture of a paient you must get a specific signed authorization for that specific use or purpose, which extends beyond patient health care needs Yes No None 7. HIPAA ONLY Electronically shared PHI need not be protected as it only shared with other covered entities Yes No None 8. HIPAA ONLY HIPAA applies only to the contiguous states of the United States Yes No None 9. HIPAA ONLY safety data sheets must be read and used by the clinic employees Yes No None 10. HIPAA ONLY Employee "right to know" law mean every employee has the right to know of the hazard posed by chemicals at the workplace or clinic Yes No None 11. HIPAA ONLY PHI sharing by unpaid gmail/yahoo or hotmail is possible if the files are encrypted Yes No None 12. HIPAA ONLY Penaltie can go up to 1,5 million dollars for breaches Yes No None 13. HIPAA ONLY A referral clinician such as an Oral& Maxillofacial surgeon is a Business Associate Yes No None 14. HIPAA ONLY The clinic needs to protect the patient's personal, financial and helth information Yes No None Time's up
