HIPAA

1. 
HIPAA ONLY
Penalties for employees and the owner could be financial and criminal

2. 
HIPAA ONLY
Even a remote information storage/clinical information back-up company is a Covered Entity

3. 
HIPAA ONLY
We must obtain a signed consent again to share the PHI with a referral specialist

4. 
HIPAA ONLY
PHI sharing by unpaid Gmail/Yahoo or Hotmail is possible if the files are encrypted

5. 
HIPAA ONLY
Breaches can involve 500 patients or less (small), or could be 500 patients or more (large)

6. 
HIPAA ONLY
A patient's health information belongs to the clinic and you can only share parts of it with the patient

7. 
HIPAA ONLY
Employee "right to know" law means every employee has the right to know of the hazard posed by chemicals at the workplace or clinic

8. 
HIPAA ONLY
You can give a PDF of the complete record to the patient if the patient asks for it

9. 
HIPAA ONLY
Likelihood of threat can be high, medium or low

10. 
HIPAA ONLY
HB 300 applies only to Texas

11. 
HIPAA ONLY
If you want to display a picture of a patient you must get a specific signed authorization for that specific use or purpose, which extends beyond patient health care needs

12. 
HIPAA ONLY
HIPAA applies only to the contiguous states of the United States

13. 
HIPAA ONLY
Electronically shared PHI need not be protected as it is only shared with other covered entities

14. 
HIPAA ONLY
Every clinic owner should be trained in Risk Assessment and Risk Analysis