Which of the following is not required of covered entities by the HIPAA privacy rule?
A)Designation of a privacy officer
B)Creation of a code of ethics that applies to all employees who have access to health-related information
C)Establishment of a complaint handling and resolution process for issues related to the HIPAA privacy rule
D)Agreements signed by business associates stating that they will respect the confidentiality of patient information

Question

Quizplus · Accepted Answer

The HIPAA privacy rule requires creation of a code of ethics that applies to the company's key officers.
Key Takeaway: At a minimum, this code must apply to the company's principal executive officer, principal financial officer, principal accounting officer or controller, or persons performing similar functions. It does not, however, have to apply more broadly within the organization. All covered entities are required by the HIPAA privacy rule to designate a privacy officer, establish a compliant handling and resolution process, and sign agreements stating business associates will respect confidentiality of patient information.

Which of the Following Is Not Required of Covered Entities