HIPAA 1. HIPAA ONLY Electronically shared PHI need not be protected as it only shared with other covered entities Yes No None 2. HIPAA ONLY All patients need not be given the HIPAA forms as it is taken for granted that their PHI is protected Yes No None 3. HIPAA ONLY Likelyhoodof threat can be high, medium or low Yes No None 4. HIPAA ONLY HIPAA applies only to the contiguous states of the United States Yes No None 5. HIPAA ONLY Even a remote information storage/clinical information back-up company is a Covered Entity Yes No None 6. HIPAA ONLY HB 300 apllies only to Texas Yes No None 7. HIPAA ONLY Penalties for employees and the owner could be financial and criminal Yes No None 8. HIPAA ONLY The clinic needs to protect the patient's personal, financial and helth information Yes No None 9. HIPAA ONLY PHI sharing by unpaid gmail/yahoo or hotmail is possible if the files are encrypted Yes No None 10. HIPAA ONLY Breaches can involve 500 patients or less (small), or could be 500 patients or more (large) Yes No None 11. HIPAA ONLY You can give a pdf of the complete record to the patient if the patient asks for it Yes No None 12. HIPAA ONLY If you want to display a picture of a paient you must get a specific signed authorization for that specific use or purpose, which extends beyond patient health care needs Yes No None 13. HIPAA ONLY A patient health information belongs to the clinic and you can only share parts of it with the patient Yes No None 14. HIPAA ONLY A referral clinician such as an Oral& Maxillofacial surgeon is a Business Associate Yes No None Time's up
