HIPAA

1. 
HIPAA ONLY
Electronically shared PHI need not be protected as it only shared with other covered entities

2. 
HIPAA ONLY
Every clinic owner should be trained in Risk Assessment and Risk Analysis

3. 
HIPAA ONLY
All patients need not be given the HIPAA forms as it is taken for granted that their PHI is protected

4. 
HIPAA ONLY
Breaches can involve 500 patients or less (small), or could be 500 patients or more (large)

5. 
HIPAA ONLY
HB 300 apllies only to Texas

6. 
HIPAA ONLY
You can give a pdf of the complete record to the patient if the patient asks for it

7. 
HIPAA ONLY
Penalties for employees and the owner could be financial and criminal

8. 
HIPAA ONLY
If you want to display a picture of a paient you must get a specific signed authorization for that specific use or purpose, which extends beyond patient health care needs

9. 
HIPAA ONLY
HIPAA applies only to the contiguous states of the United States

10. 
HIPAA ONLY
A referral clinician such as an Oral& Maxillofacial surgeon is a Business Associate

11. 
HIPAA ONLY
Employee "right to know" law mean every employee has the right to know of the hazard posed by chemicals at the workplace or clinic

12. 
HIPAA ONLY
Even a remote information storage/clinical information back-up company is a Covered Entity

13. 
HIPAA ONLY
We must obtain a signed conset again to shar the PHI with a referral specialist

14. 
HIPAA ONLY
The clinic needs to protect the patient's personal, financial and helth information