
Welcome to your HIPAA Quiz

Which of the following is not a section of HIPAA:
True or False: Practices are shielded from liability if a vendor or contractor breaches HIPAA.
True or False: Practices will not be charged a fine if they were unaware of risks that caused a breach.
On average, a HIPAA violation fine is:
___% of healthcare organizations have experienced at least one data breach in the last 12 months.
If a data breach occurs involving more than 500 individuals, how long does a practice have to report it?
Which of the following documents are required per HIPAA?
How long must a practice keep HIPAA-related documents?
Which of the following is not a common cause of a HIPAA violation:

What Happens When Something Is Missed?

When a HIPAA compliance regulation or requirement is missed, a covered entity is at risk of fines from HHS. The chart below describes the criteria by which fines are estimated.

HIPAA Compliance and Fines

How do they know I broke the HIPAA Compliance rules?

HHS performs audits at random. Providers often think, “I’m too small to attract their attention.” However, HHS has been able to reduce the number of random audits because the number of patient complaints has dramatically increased, costing small practices millions of dollars each year.

What can I do to prevent this from happening to me?

The most missed requirements of HIPAA compliance tend to be the required process and policy documentation and training. It is difficult to manage all of the aspects, rules, regulations, processes and policies without help. Zekteck’s Compliance and Security Portal is a central place for practices to manage everything needed to be compliant and secure. It can be set up in as little as 2 hours and does not require any data migration or system integrations. 

Reduce Your Risk and Protect Your Data

Zekteck's Compliance and Security Portal will make your practice compliant and more secure. It's easy to set up, easy to use, and cost effective. 


*This page does not meet the requirements to be considered compliant HIPAA training. 

This is an addition to HIPAA that came into effect on January 25, 2013, and it requires that contractors, vendors, and subcontractors that handle Protected Health Information (PHI) on behalf of any Covered Entity must follow HIPAA requirements and guidelines. As a result, all medical practices must determine whether a vendor or contractor has access to PHI and, if so, must acquire a Business Associate Agreement (BAA) from that vendor. The rule also requires that Covered Entities must obtain “reasonable assurance” that the vendor or contractor is able to meet HIPAA guidelines and requirements.

This rule addresses the requirements necessary to protect individuals’ electronic Personal Health Information (ePHI). The security rule requires three types of safeguards: administrative, physical, and technical. This rule also dictates that a practice perform a risk assessment/analysis and enact a plan to mitigate these risks.

This set of national standards was created to ensure that Protected Healthcare Information (PHI) is protected. This includes Personally Identifiable Information (PII), also known as Individually Identifiable Health Information (IIHI).
