Information  Management  Quiz  

1. Which  of  the  following  is  not  considered  Personally  Identifiable  Information  (PII)?  
a. Social  Security  number  
b. Driver’s  license  number  
c. Date  of  birth  
d. Name  of  workplace  
 
2. Who  do  you  first  contact  to  report  an  actual  or  suspected  breach  of  PII  or  PHI?  
a. FOH  Help  Desk  
b. TJC  Help  Desk  
c. Your  supervisor  
d. ARM  director  
 
3. Electronic  files  with  confidential  information  stored  on  hard  drives  of  desktop  computers  or  
laptops  must  be  encrypted  and/or  password  protected.  
a. True  
b. False  
 
4. Any  records  that  are  not  in  active  use  are  to  be  maintained  with  a  minimum  of  __  layers  of  
security.  
a. One  
b. Two  
c. Three  
d. Five  
 
5. When  a  person  is  requesting  PII  from  an  EAP  consultant,  the  consultant  can  verify  the  identity  of  
the  person  by  all  of  the  following,  except:  
a. Confirming  name  
b. Examining  one  piece  of  tangible  identification  (passport,  license,  etc.)  
c. Obtaining  a  written  certification  that  he/she  is  who  he/she  claims  to  be  and  that  he/she  
understands  that  the  knowing  and  willful  request  for  or  acquisition  of  a  record  under  
false  pretenses  is  a  criminal  offense  subject  to  a  $5,000  fine  
d. Asking  the  person  specific  questions  that  can  be  verified  with  record  (date  of  last  
session,  presenting  problem,  etc.)  
 
6. FOH  may  deny  requests  for  access  to  PII.  
a. True  
b. False  
  
 

Answer  Key:  

1. d  
2. a  
3. a  
4. b  
5. a  
6. a  
 
 
 
 
14.2203