Across
- 2. Unless there is an outstanding request by an eligible student to inspect and review education records, FERPA ______ the school to destroy such records without notice to the student.
- 4. HIPAA allows the release of _______ data sets for public health, research, and other purposes after specific identifiers about the patient or household have been removed.
- 6. PII, which stands for ______ Identifiable Information is data that can identify a specific person/student.
- 9. In case of health and safety _______, schools are permitted to disclose PII from education records.
- 10. In FERPA, prior to education record information disclosure, educational institutions must obtain written ______.
- 12. Although FERPA prohibit nonconsensual disclosure of education records, it lists several condition under which the written permission are not required; this is called _______.
- 20. Social Security Number and ______ are categorized as non-directory information.
- 21. Private and religious elementary and _______ schools are generally not subject to FERPA.
- 24. The _______ Rule of HIPPA requires technical and non-technical safeguards to keep Electronic Health Information safe.
- 25. The ______ Rule of HIPAA sets limit and conditions on the use and disclosure of health information without patient authorization
- 26. A detailed document that gives entities permission to use protected health information for specified purposes or to disclose protected health information to a third party specified by an individual.
- 28. The safeguards of electronic PHI might take form of administrative, technical and ________ countermeasures.
- 29. HIPAA is a _____ law that gives you the right to have your health information protected and limit who can have access to your health information.
- 31. A legal standing that permits education institution to release education record for a law enforcement purpose without prior consent.
- 32. FERPA applies to all educational agencies and institutions that receive ______ from the government which is administered by the Department of Education (DOE).
Down
- 1. Student’s _______ record maintained by a school nurse are considered part of student’s education records, thus protected from unauthorized disclosure.
- 3. In case of unauthorized disclosure, under FERPA, education institution does not require notification to parents or eligible students, unless the disclosure is related to identity _______
- 5. '______ entities’ is a terminology used in HIPAA to identify parties involved in the healthcare business, such as healthcare providers, insurance companies, health information clearinghouses, etc.
- 7. A student who has reached the age of 18 or who is attending a postsecondary institution at any age is called a ________ student; the rights afforded his or her parents under FERPA transfer to that student.
- 8. The term PHI in HIPAA refers to ________ health information
- 11. Under FERPA, personal data that can be found in publicly available sources (yearbook, phonebook), such as name, address, e-mail, telephone number are classified as ______ information.
- 13. Persons who believes that their right is violated under FERPA can file a _______ with Department of Education who will investigate the case.
- 14. In regards to data sharing, your health information data cannot be shared to other entities without your written ________
- 15. Access Control is one of _________ safeguards to regulate access to electronic PHI.
- 16. Business ______ are persons, businesses or vendors that perform certain functions on behalf of healthcare providers.
- 17. HIPAA stands for Health Insurance _____ and Accountability Act is established in 1996 to govern the health care marketplace.
- 18. Title _____ of HIPAA is relevant to information security in which it provides national standards on electronically transferred health information.
- 19. To raise awareness, healthcare entities should provide ______ to their employees who interacts with health information on a regular basis.
- 22. An entity must make reasonable effort to use, disclose and request only the minimum amount of PHI needed to accomplish the purpose is called minimum _______ principle.
- 23. In general, there are ______ titles within HIPAA to describe major domains regulated in the law.
- 27. Under FERPA, schools are prohibited to ______ PII which derives from the educational records.
- 30. A formal event/process to which education institution responds after receiving a request from the parent or eligible student challenging the student’s education records believed to be inaccurate, misleading, or in violation of the student’s privacy rights.
- 33. FERPA final rules of 2008 does not dictate the technical steps to protect electronic data system, but offers standards from _______ as a reference to safeguard electronic records.