1. Briefly explain in your own words the general intent of HIPAA, and its significance with current technological innovations.
2. Explain the relationship between HIPAA and HITECH.
3. Under what circumstances would a covered entity not be required to protect health information?
4. Briefly describe the difference between an administrative and technical safeguard.
5. Briefly explain which type of cloud providers may be required to adhere to HIPAA.
6. Explain why there should be a balance between protecting health information and sharing health information.
7. Under what circumstances would a state not be required to follow HIPAA regulations.
8. Briefly provide an example of when OCR would enforce a civil penalty instead of a criminal penalty in the case of a covered entity violating HIPAA regulations.
9. Briefly explain the differences between the various covered entities. Specifically address the differences between a healthcare provider, health plans, and healthcare clearinghouses.
10. Explain why private health information contained in an employee file would not be required to adhere to HIPAA.