1. Which legislation primarily governs the privacy of patient health information in the United States? - A) The Affordable Care Act - B) The Health Insurance Portability and Accountability Act (HIPAA) - C) The Patient Protection Act - D) The Health Information Technology for Economic and Clinical Health Act (HITECH) Answer: B) The Health Insurance Portability and Accountability Act (HIPAA) Rationale: HIPAA is the key legislation that sets the standard for protecting sensitive patient data in the U.S. 2. In the context of healthcare compliance, what is the primary purpose of risk assessment? - A) Identifying potential hazards to patient safety - B) Determining financial risks for healthcare organizations - C) Evaluating the potential for non-compliance with laws and regulations - D) Assessing the health risk