HIPAA 1. HIPAA ONLY All patients need not be given the HIPAA forms as it is taken for granted that their PHI is protected Yes No None 2. HIPAA ONLY Electronically shared PHI need not be protected as it only shared with other covered entities Yes No None 3. HIPAA ONLY safety data sheets must be read and used by the clinic employees Yes No None 4. HIPAA ONLY HIPAA applies only to the contiguous states of the United States Yes No None 5. HIPAA ONLY The clinic needs to protect the patient's personal, financial and helth information Yes No None 6. HIPAA ONLY Even a remote information storage/clinical information back-up company is a Covered Entity Yes No None 7. HIPAA ONLY PHI sharing by unpaid gmail/yahoo or hotmail is possible if the files are encrypted Yes No None 8. HIPAA ONLY Every clinic owner should be trained in Risk Assessment and Risk Analysis Yes No None 9. HIPAA ONLY We must obtain a signed conset again to shar the PHI with a referral specialist Yes No None 10. HIPAA ONLY Breaches can involve 500 patients or less (small), or could be 500 patients or more (large) Yes No None 11. HIPAA ONLY A referral clinician such as an Oral& Maxillofacial surgeon is a Business Associate Yes No None 12. HIPAA ONLY Endpoint security helps reduce the threats and vulnerabilities to PHI Yes No None 13. HIPAA ONLY You can give a pdf of the complete record to the patient if the patient asks for it Yes No None 14. HIPAA ONLY If you want to display a picture of a paient you must get a specific signed authorization for that specific use or purpose, which extends beyond patient health care needs Yes No None Time's up
