Lec 7 Federal Law: Supply Chain, Advertising, HIPAA Flashcards
(21 cards)
4 main aspects of 1987 PDMA
-reimportation
-preferential pricing
-samples and coupons
-wholesale licensure
which of the following is NOT a part of the 1987 PDMA?
a. reimportation
b. preferential pricing
c. samples and coupons
d. labeling requirements
e. wholesale licensure
d. labeling requirement
T or F: A drug cannot be reimported into the United States unless reimported by the drug manufacturer or for emergency use after FDA review.
T
T or F: the PDMA bans importation of all drugs from a foreign country
F
(bans importation of American-made drugs from foreign countries, NOT importation of drugs from a foreign country)
Bans the sale, purchase, or trade of a prescription drug purchased at a reduced price by a hospital or other healthcare facility or donated or supplied to a charity.
a. reimportation
b. preferential pricing
c. samples and coupons
d. wholesale licensure
b. preferential pricing
which of the following is FALSE about samples and coupons according to the PDMA?
a. Practitioners must ask for drug samples electronically
b. Community pharmacies cannot have drug samples at anytime
c. Established Recordkeeping, storage, and handling requirements for drug samples
d. A drug sample is not intended for sale
a. Practitioners must ask for drug samples electronically
(must be in writing)
which of the following is FALSE according to the PDMA?
a. States were required to license wholesalers
b. Wholesale licensure records related to PDMA must be maintained for at least 5 years
c. Whistleblower awards up to $125,000 enacted for reporting someone violating PDMA
b. Records related to PDMA must be maintained for at least 5 years
(3 years)
which of the following is TRUE about requirements of DSCSA?
a. manufacturers and wholesalers must verify the legitimacy of products in question within 72 hours of inquiry from a pharmacy
b. Any illegitimate products must be brought to the FDA within 1 hour of discovery by the manufacturer, repackager, distributor, or dispenser
c. Pharmacies must track expiration dates throughout the filling process
d. Product tracking must be documented for all parts of the supply chain and maintained for 6 years
d. Product tracking must be documented for all parts of the supply chain and maintained for 6 years
(a. and b. is 24 hours; c. is lot numbers, not expiration)
look at slide 18 for DTC advertising standards
okay
HIPAA applies to what 3 groups? (called covered entities)
-health care providers who electronically transmit any health information
-health plans
-health care clearinghouses
Can be individual or group providers (physicians, clinics, hospitals, pharmacies, employees of any of the preceding)
a. health care providers
b. health plans
c. health care clearinghouses
a. health care providers
Health insurance, government payers (Medicare & Medicaid), Health Maintenance Orgs (HMOs)
a. health care providers
b. health plans
c. health care clearinghouses
b. health plans
Groups that process PHI on behalf of another entity (PBMs, EHRs, etc.)
a. health care providers
b. health plans
c. health care clearinghouses
c. health care clearinghouses
4 HIPAA rules
-privacy rule
-security rule
-breach notification rule
-enforcement rule
Requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards of electronic PHI (e-PHI)
a. privacy rule
b. security rule
c. breach notification rule
d. enforcement rule
b. security rule
If a covered entity discovers a breach of unsecured PHI, it is obligated to report that breach.
a. privacy rule
b. security rule
c. breach notification rule
d. enforcement rule
c. breach notification rule
(duh)
This rule identifies PHI as information, including demographics, that relate to:
-An individual’s past, present or future physical or mental health or condition
-The provision of health care to the individual, or
-The past, present, or future payment for the provision of health care to the individual
a. privacy rule
b. security rule
c. breach notification rule
d. enforcement rule
a. privacy rule
T or F: de-Identified health information is considered protected health information
F
outlines how the U.S. Department of Health and Human Services (HHS) investigates and addresses HIPAA violations, including the imposition of penalties.
a. privacy rule
b. security rule
c. breach notification rule
d. enforcement rule
d. enforcement rule
HIPAA Breach Notification Rule: which of the following is FALSE?
a. If a covered entity discovers a breach of unsecured PHI, it is obligated to report that breach
b. If a breach affects 500+ individuals, it must be reported within 60 days of the end of the calendar year in which the breach was discovered
c. If a breach affects 500+ individuals, it must be reported to the prominent media outlets serving the state or jurisdiction
d. Breaches are reported to the Secretary of Health and Human Services
e. A breach affecting 500+ individuals are available as the public domain
b. If a breach affects 500+ individuals, it must be reported within 60 days of the end of the calendar year in which the breach was discovered
(this is for fewer than 500 individuals; if 500+ individuals are affected then it must be reported within 60 days from the discovery of the breach)
when does a breach affecting fewer than 500 individuals need to be reported?
within 60 days of the end of the calendar year in which the breach was discovered
