FERPA and HIPAA Crossword

Edit Answers
123456789101112131415161718192021222324252627282930313233343536
Across
  1. 2. HIPAA allows the release of _______ data sets for public health, research, and other purposes after specific identifiers about the patient or household have been removed.
  2. 5. FERPA applies to all educational agencies and institutions that receive ______ from the government which is administered by the Department of Education (DOE).
  3. 10. The _______ Rule of HIPPA requires technical and non-technical safeguards to keep Electronic Health Information safe.
  4. 14. A method to protect electronic health information by removing specific identifiers about a patient or household that can identify a specific patient.
  5. 15. Business ______ are persons, businesses or vendors that perform certain functions on behalf of healthcare providers.
  6. 16. In case of health and safety _______, schools are permitted to disclose PII from education records.
  7. 17. The term PHI in HIPAA refers to ________ health information
  8. 20. An entity must make reasonable effort to use, disclose and request only the minimum amount of PHI needed to accomplish the purpose is called minimum _______ principle.
  9. 22. HIPAA stands for Health Insurance _____ and Accountability Act is established in 1996 to govern the health care marketplace.
  10. 23. FERPA final rules of 2008 does not dictate the technical steps to protect electronic data system, but offers standards from _______ as a reference to safeguard electronic records.
  11. 24. Under FERPA, schools are prohibited to ______ PII which derives from the educational records.
  12. 27. Although FERPA prohibit nonconsensual disclosure of education records, it lists several condition under which the written permission are not required; this is called _______.
  13. 28. Private and religious elementary and _______ schools are generally not subject to FERPA.
  14. 29. In case of unauthorized disclosure, under FERPA, education institution does not require notification to parents or eligible students, unless the disclosure is related to identity _______
  15. 30. Identity badges worn by authorize personnel to access certain area is an example of _______ security measures.
  16. 31. A legal standing that permits education institution to release education record for a law enforcement purpose without prior consent.
  17. 34. To raise awareness, healthcare entities should provide ______ to their employees who interacts with health information on a regular basis.
  18. 35. HIPAA is a _____ law that gives you the right to have your health information protected and limit who can have access to your health information.
  19. 36. Student’s _______ record maintained by a school nurse are considered part of student’s education records, thus protected from unauthorized disclosure.
Down
  1. 1. FERPA, which stands for_______ Educational Right & Privacy Act, is a law enacted in 1974 that governs the access of educational information and records.
  2. 3. A student who has reached the age of 18 or who is attending a postsecondary institution at any age is called a ________ student; the rights afforded his or her parents under FERPA transfer to that student.
  3. 4. Persons who believes that their right is violated under FERPA can file a _______ with Department of Education who will investigate the case.
  4. 6. A formal event/process to which education institution responds after receiving a request from the parent or eligible student challenging the student’s education records believed to be inaccurate, misleading, or in violation of the student’s privacy rights.
  5. 7. The ______ Rule of HIPAA sets limit and conditions on the use and disclosure of health information without patient authorization
  6. 8. A detailed document that gives entities permission to use protected health information for specified purposes or to disclose protected health information to a third party specified by an individual.
  7. 9. Social Security Number and ______ are categorized as non-directory information.
  8. 11. In regards to data sharing, your health information data cannot be shared to other entities without your written ________
  9. 12. In general, there are ______ titles within HIPAA to describe major domains regulated in the law.
  10. 13. In FERPA, prior to education record information disclosure, educational institutions must obtain written ______.
  11. 18. '______ entities’ is a terminology used in HIPAA to identify parties involved in the healthcare business, such as healthcare providers, insurance companies, health information clearinghouses, etc.
  12. 19. Title _____ of HIPAA is relevant to information security in which it provides national standards on electronically transferred health information.
  13. 21. Under FERPA, personal data that can be found in publicly available sources (yearbook, phonebook), such as name, address, e-mail, telephone number are classified as ______ information.
  14. 25. Access Control is one of _________ safeguards to regulate access to electronic PHI.
  15. 26. PII, which stands for ______ Identifiable Information is data that can identify a specific person/student.
  16. 32. Schools can provide health agencies with access to student health and other relevant data if the information does not contain _______.
  17. 33. Unless there is an outstanding request by an eligible student to inspect and review education records, FERPA ______ the school to destroy such records without notice to the student.