Your patient portal contains some of your most sensitive personal information — diagnoses, medications, test results, and insurance details. Understanding how to protect that information, and what rights you have over it, is an important part of managing your own healthcare. This quiz covers eight practical privacy and security scenarios, from HIPAA basics to spotting phishing emails. Each question comes with a plain-English explanation to help you build good habits that protect your records.
Interactive Quiz0/8 answered
Question 1 of 8
HIPAA (the Health Insurance Portability and Accountability Act) primarily protects:
Explanation:HIPAA sets national standards for protecting your medical information. It limits who can see or share your records and gives you rights to access your own data.
Question 2 of 8
Two-factor authentication (2FA) on a patient portal adds security by:
Explanation:2FA requires something you know (password) plus something you have (phone code or authenticator app). Even if your password is stolen, an attacker cannot log in without the second factor.
Question 3 of 8
You share a tablet with family members. The best practice for your patient portal is:
Explanation: On shared devices, always use a private/incognito window and log out completely when finished. Saved passwords and sessions can expose your records to other users.
Question 4 of 8
You receive an email claiming to be from your hospital asking you to "verify your portal login." You should:
Explanation: This is a classic phishing attempt. Never click portal links from unexpected emails. Navigate directly to the hospital's official URL or call them to verify any request.
Question 5 of 8
Proxy access in a patient portal means:
Explanation:Proxy access lets you grant another person — like a parent, spouse, or caregiver — permission to view specific parts of your portal. The scope and type of access is set by the patient and the portal's policies.
Question 6 of 8
Under HIPAA, you generally have the right to:
Explanation: HIPAA gives you the right to access, receive a copy of, and request amendments to your health records. Providers may charge a reasonable fee for copies and have limited grounds to deny access.
Question 7 of 8
If you notice a prescription or diagnosis in your portal that you do not recognize, you should:
Explanation: Unexplained entries may reflect a billing code error, a record mix-up, or in rare cases a sign of identity theft. Contact your provider promptly and follow the formal amendment process if an error is confirmed.
Question 8 of 8
The strongest type of password for a patient portal is:
Explanation: A long, unique password (12+ characters, mixed types) is hardest to crack. Use a password manager so you do not have to reuse passwords across sites — reuse is the biggest single security risk.
