FERPA and HIPAA Crossword

Edit Answers
1234567891011121314151617181920212223242526272829303132333435363738
Across
  1. 2. In case of unauthorized disclosure, under FERPA, education institution does not require notification to parents or eligible students, unless the disclosure is related to identity _______
  2. 6. Unless there is an outstanding request by an eligible student to inspect and review education records, FERPA ______ the school to destroy such records without notice to the student.
  3. 9. Financial consequences imposed on entities for failure to comply with HIPAA.
  4. 12. PII, which stands for ______ Identifiable Information is data that can identify a specific person/student.
  5. 16. In regards to data sharing, your health information data cannot be shared to other entities without your written ________
  6. 18. A student who has reached the age of 18 or who is attending a postsecondary institution at any age is called a ________ student; the rights afforded his or her parents under FERPA transfer to that student.
  7. 19. Business ______ are persons, businesses or vendors that perform certain functions on behalf of healthcare providers.
  8. 21. Access Control is one of _________ safeguards to regulate access to electronic PHI.
  9. 24. In case of health and safety _______, schools are permitted to disclose PII from education records.
  10. 28. FERPA final rules of 2008 does not dictate the technical steps to protect electronic data system, but offers standards from _______ as a reference to safeguard electronic records.
  11. 29. A method to protect electronic health information by removing specific identifiers about a patient or household that can identify a specific patient.
  12. 31. The ¬¬¬_______ Rule of HIPPA requires technical and non-technical safeguards to keep Electronic Health Information safe.
  13. 33. Under FERPA, personal data that can be found in publicly available sources (yearbook, phonebook), such as name, address, e-mail, telephone number are classified as ______ information.
  14. 34. The ______ Rule of HIPAA sets limit and conditions on the use and disclosure of health information without patient authorization
  15. 35. Identity badges worn by authorize personnel to access certain area is an example of _______ security measures.
  16. 36. HIPAA allows the release of _______ data sets for public health, research, and other purposes after specific identifiers about the patient or household have been removed.
  17. 38. FERPA, which stands for ¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬_______ Educational Right & Privacy Act, is a law enacted in 1974 that governs the access of educational information and records.
Down
  1. 1. In FERPA, prior to education record information disclosure, educational institutions must obtain written ______.
  2. 3. FERPA applies to all educational agencies and institutions that receive ______ from the government which is administered by the Department of Education (DOE).
  3. 4. Under FERPA, schools are prohibited to ______ PII which derives from the educational records.
  4. 5. Persons who believes that their right is violated under FERPA can file a _______ with Department of Education who will investigate the case.
  5. 6. Schools can provide health agencies with access to student health and other relevant data if the information does not contain _______.
  6. 7. In general, there are ______ titles within HIPAA to describe major domains regulated in the law.
  7. 8. ¬¬¬‘______ entities’ is a terminology used in HIPAA to identify parties involved in the healthcare business, such as healthcare providers, insurance companies, health information clearinghouses, etc.
  8. 10. A formal event/process to which education institution responds after receiving a request from the parent or eligible student challenging the student’s education records believed to be inaccurate, misleading, or in violation of the student’s privacy rights.
  9. 11. HIPAA is a _____ law that gives you the right to have your health information protected and limit who can have access to your health information.
  10. 13. A legal standing that permits education institution to release education record for a law enforcement purpose without prior consent.
  11. 14. HIPAA stands for Health Insurance _____ and Accountability Act is established in 1996 to govern the health care marketplace.
  12. 15. To raise awareness, healthcare entities should provide ______ to their employees who interacts with health information on a regular basis.
  13. 17. A technology to decode the PHI into unreadable form when transmitted or stored in a database.
  14. 20. Private and religious elementary and _______ schools are generally not subject to FERPA.
  15. 22. An agreement established between healthcare entities with third parties (trading partners) with whom they exchange health information to ensure the HIPAA compliance.
  16. 23. An entity must make reasonable effort to use, disclose and request only the minimum amount of PHI needed to accomplish the purpose is called minimum _______ principle.
  17. 25. In FERPA, Social Security Number and ______ are categorized as non-directory information.
  18. 26. The term PHI in HIPAA refers to ________ health information
  19. 27. A detailed document that gives entities permission to use protected health information for specified purposes or to disclose protected health information to a third party specified by an individual.
  20. 30. Although FERPA prohibit nonconsensual disclosure of education records, it lists several condition under which the written permission are not required; this is called _______.
  21. 32. Title _____ of HIPAA is relevant to information security in which it provides national standards on electronically transferred health information.
  22. 37. Student’s _______ record maintained by a school nurse are considered part of student’s education records, thus protected from unauthorized disclosure.