Health Law Final Quiz (RHIA/RHIT) Quiz 10.1
Which of the following health care systems have to comply with the requirements of the Freedom of Information Act? A) physicians' offices B) private hospitals C) veterans' hospitals D) single-day surgery clinics
C) veterans' hospitals
In which type of facility does the Privacy Act of 1974 permit patients to request amendments to their medical record? A) Department of Defense health care facility B) mental health and chemical dependency facility C) university-based teaching facility D) private proprietary health care facility
A) Department of Defense health care facility
What advice should be given to a physician who has informed you that she recently discovered that a significant portion of a discharge summary she dictated last month was left out? A) Dictate the portion omitted with the heading "Discharge Summary—Addendum" and make a reference to the addendum with a note that is dated and signed on the initial Discharge Summary (e.g., "9/1/17-See Addendum to Discharge Summary"—Signature). B) Redictate the discharge summary and replace the old one with the new one. C) Inform the physician that nothing can be done about the situation. D) Squeeze in the information omitted by writing in available spaces such as the top, bottom, and side margins.
A) Dictate the portion omitted with the heading "Discharge Summary—Addendum" and make a reference to the addendum with a note that is dated and signed on the initial Discharge Summary (e.g., "9/1/17-See Addendum to Discharge Summary"—Signature).
A health care organization's compliance plans should not only focus on regulatory compliance, but also have a A) coding compliance program that prevents fraudulent coding and billing. B) strong personnel component that reduces the rapid turnover of nursing personnel. C) substantial program that increases the availability of clinical data. D) component that increases the security of medical records.
A) coding compliance program that prevents fraudulent coding and billing.
When a health information professional (record custodian) brings the medical record to court in response to a subpoena duces tecum, it is his or her responsibility to A) confirm whether or not the record is complete, accurate, and made in the ordinary course of business. B) present the case favorably for the patient involved. C) explain details of the medical treatment given to the patient. D) leave the original record in the possession of the plaintiff's attorney
A) confirm whether or not the record is complete, accurate, and made in the ordinary course of business.
Willful disregard of a subpoena is considered A) contempt of court. B) contributory negligence. C) breach of contract. D) abuse of process.
A) contempt of court.
HIPAA requires that certain covered entities provide every patient a Notice of Privacy Practices that sets forth all of the following EXCEPT A) covered entities provide every patient with its annual business report. B) patient's rights regarding the covered entities' uses and disclosures. C) how covered entities may use and disclose PHI. D) covered entities' obligations for protecting the patient's PHI.
A) covered entities provide every patient with its annual business report.
In electronic health records, authentication may be achieved by A) digital signature. B) verbal statement. C) handwritten signature. D) digital signature, handwritten signature, and verbal statement.
A) digital signature.
The proper method for correcting a documentation error in a paper medical record is for the author to A) draw a single line through the incorrect information, date, and initial the change. B) white it out, date, and initial the change. C) remove the form from the chart and add a revised form. D) draw an "X" through the incorrect documentation.
A) draw a single line through the incorrect information, date, and initial the change.
What type of testimony is inappropriate for a health information manager serving as custodian of the record when he or she is called to be a witness in court? A) interpretation of documentation in the record B) title and position held in the health care facility C) whether the record is in the practitioner's possession D) whether the medical record was made in the usual course of business
A) interpretation of documentation in the record
The HITECH breach notification requirement is significant and different from any other requirements in the past because it A) places organizations on the radar of regulatory agencies and in the media spotlight. B) suspends the responsible entity from being able to disclose PHI for a specific period of time. C) requires the CEO of the entity responsible to serve jail time. D) requires the entity responsible to pay monetary damages to those affected by the breach.
A) places organizations on the radar of regulatory agencies and in the media spotlight.
Under which category of law would Marleana Harrison bring a cause of action against Dr. Billy Ray for disclosing information regarding her previous physical examination to his wife, Jana Ray, who is Ms. Harrison's hairstylist? A) private law B) criminal law C) procedural law D) administrative law
A) private law
A written consent from the patient is required from which of the following entities in order to learn a patient's HIV status? A) the patient's employer B) Centers for Disease Control C) attending physician D) health care workers responsible for treating the patient
A) the patient's employer
The legislation that required all federally funded facilities to inform patients of their rights under state law to accept or refuse medical treatment is known as A) durable power of attorney. B) Patient Self-Determination Act. C) living wills. D) advance directives.
B) Patient Self-Determination Act.
Centric Medical Center established a business associate agreement with Quenlinks Solutions to provide mobile devices for their physicians and nurses to enter patient information into the organization's EHR in real-time. Which of the following should be considered as a best practice for the use of mobile technology in this given scenario? A) safeguards and techniques for adequate protection of ePHI B) all of these answers apply C) identification of device ownership D) required authorization for mobile technology use
B) all of these answers apply
Which of the following measures should a health care facility incorporate into its institution-wide security plan to protect the confidentiality of the patient record? A) locked access to data processing and record areas B) all of these answers apply. C) verification of employee identification D) use of unique computer passwords, key cares, or biometric identification
B) all of these answers apply.
All of the following are elements of a contract EXCEPT A) acceptance. B) duty. C) offer/communication. D) price/consideration.
B) duty.
The ideal consent for medical treatment obtained by the physician is A) verbal. B) informed. C) implied. D) expressed.
B) informed.
Who decides whether all or portions of the medical record will be received in evidence in a court of law? A) subpoenaing attorney B) presiding judge/court C) defendant D) clerk of the court
B) presiding judge/court
As a general rule, a person making a report in good faith and under statutory command (e.g., on child abuse, communicable diseases, births, and deaths) is A) subject to penalties imposed by federal law. B) protected. C) subject to penalties imposed by state law. D) not protected from liability claims.
B) protected.
A medical malpractice claim involving a wrong-site surgery was heard in a higher court, which resulted in the health care facility's requirement to pay the plaintiff $1 million in damages. A similar case with similar elements was also heard in a lower court, and thus the lower court followed the lead of the higher court in deciding the outcome of the case. The term that most appropriately describes the action of the lower court is A) writ of certiorari. B) stare decisis. C) res judicata. DO res ipsa loquitor.
B) stare decisis.
HIM personnel charged with the responsibility of bringing a medical record to court would ordinarily do so in answer to a A) deposition. B) subpoena duces tecum. C) personal subpoena. D) judgment.
B) subpoena duces tecum.
Elements of a breach notification should include all of the following EXCEPT A) what the entity is doing to investigate, mitigate, and prevent future occurrences. B) the name of the individual within the entity responsible for the breach so that a civil claim can be filed against the individual. C) a description of what occurred, including the date of the breach and the date the breach was discovered. D) steps individuals should take in order to protect themselves.
B) the name of the individual within the entity responsible for the breach so that a civil claim can be filed against the individual.
Which of the following agencies is empowered to implement the law governing Medicare and Medicaid? A) Department of Health and Human Services B) Joint Commission C) Centers for Medicare and Medicaid Services (CMS) D) Institutes of Health
C) Centers for Medicare and Medicaid Services (CMS)
While performing routine quantitative analysis of a record, a medical record employee finds an incident report in the record. The employee brings this to the attention of her supervisor. Which best practice should the supervisor follow to deal with this situation? A) Remove the incident report and send it to the patient. B) Remove the incident report and have nursing personnel transfer all documentation from the report to the medical record. C) Refer this record to the risk manager for further review and removal of the incident report. D) Tell the employee to leave the report in the record.
C) Refer this record to the risk manager for further review and removal of the incident report.
Which of the following would be an inappropriate procedure for the custodian of the medical record to perform prior to taking a medical record from a health care facility to court? A) Prepare an itemized list of sheets contained in the medical record. B) Number each page of the record in ink. C) Remove any information that might prove detrimental to the hospital or physician. D) Document in the file folder the total number of pages in the record.
C) Remove any information that might prove detrimental to the hospital or physician.
In general, which of the following statements is correct? A) When federal and state laws conflict, valid corporate policies supersede federal and state laws. B) When federal and state laws conflict, valid local laws supersede federal and state laws. C) When federal and state laws conflict, valid federal laws supersede state laws. D) When federal and state laws conflict, valid state laws supersede federal laws.
C) When federal and state laws conflict, valid federal laws supersede state laws.
Which of the following is considered confidential information if the patient is seeking treatment in a substance abuse facility? A) patient's name B) patient's diagnosis C) all of these answers apply D) patient's prognosis
C) all of these answers apply
A valid authorization for release of information contains A) the date and signature of the patient or the patient's authorized representative. B) the name of the hospital or provider who is releasing the medical information. C) all of these answers apply. D) the name, agency, or institution to which the information is to be provided.
C) all of these answers apply.
HIM professionals have a duty to maintain health information that complies with A) state statutes. B) accreditation standards. C) all of these answers apply. D) federal statutes.
C) all of these answers apply.
Mandatory reporting requirements for vital statistics generally A) require authorization by the physician. B) do not apply to health care facilities. C) do not require authorization by the patient. D) require authorization by the payer.
C) do not require authorization by the patient.
Which of the following is needed when a physician conducts an invasive procedure? A) advanced directive B) living will C) informed consent D) general consent
C) informed consent
An improper disclosure of patient information to unauthorized individuals, agencies, or news media may be considered a(n) A) libel. B) defamation. C) invasion of privacy. D) slander.
C) invasion of privacy.
All of the following are examples of intentional torts EXCEPT A) assault and battery. B) defamation of character. C) misfeasance. D) invasion of privacy.
C) misfeasance.
In which of the following circumstances would release of information without the patient's authorization be permissible? A) release to an attorney B) release to state workers' compensation agencies C) release to third-party payers D) release to insurance companies
C) release to state workers' compensation agencies
All of the following may present challenges to informed consent EXCEPT A) the patient was not permitted an opportunity to ask questions. B) the risks and benefits of the proposed treatment or procedure were not disclosed. C) the treating physician obtained the patient's signature. D) the consent was written in a language that the patient could not understand. INCORRECT
C) the treating physician obtained the patient's signature.
Historically, individually identifiable information for deceased individuals regardless of the time of death was covered under the HIPAA Privacy Rule. However, under the HITECH, individually identifiable information for deceased individuals is no longer covered after _____ years. A) 30 B) 40 C) 60 D) 50
D) 50
A covered entity must act on a request for accounting disclosures no later than _____ days after its receipt and within ______ days of extension, as long as it notifies the individual in writing of the reasons for the delay and when the accounting will be made available. A) 30, 60 B) 45, 60 C) 45, 30 D) 60, 30
D) 60, 30
The minimum record retention period for patients who are minors is A) age of majority. B) 2 years past treatment. C) 5 years past treatment. D) age of majority plus the statute of limitations.
D) age of majority plus the statute of limitations.
Who of the following who are permitted to have access to patient health records and information without the patient authorization as part of their training program? A) HIM students B) nursing students C) medical students D) all of these answers apply
D) all of these answers apply
When substituting a photocopy of the original record in response to legal process, which of the following can be helpful in convincing the court to accept the photocopy as a true and exact copy of the original? A) correspondence from the attending physician B) consent from the hospital administrator C) consent from the patient D) certificate of authentication
D) certificate of authentication
Darling v. Charleston Community Memorial Hospital is considered one of the benchmark cases in health care because it was with this case that the doctrine of _______________ was eliminated for nonprofit hospitals. A) contributory negligence B) professional negligence C) corporate negligence D) charitable immunity
D) charitable immunity
In ensuring security compliance, the Department of Health and Human Services has a seven-step guide to implementing a security management process. All of the following are steps within this processes EXCEPT A) develop an action plan. B) manage and mitigate risks. C) lead your culture, select your team, and learn. D) develop a contingency plan.
D) develop a contingency plan.
The family of Mr. Kent filed a wrongful death lawsuit against Pier Memorial Hospital 10 years after the procedure was performed. In order to avoid the risk of Mr. Kent's electronic medical record being destroyed, a _______ was ordered by the court. A) subpoena duces tecum B) spoliation hold C) restitution waiver D) legal hold
D) legal hold
An interning medical student at the Goodwill Community Hospital accessed several patients' files to obtain their names, DOB, and Social Security numbers, which were used to impersonate patients and file claims with multiple insurance companies in hopes of receiving payment to cover the remaining tuition fees for medical school. This act can be best categorized as A) defamation of character. B) a negligent act. C) spoliation. D) medical identity theft.
D) medical identity theft.
Many states have recognized a minor's right to seek treatment without parental consent in all of the following situations EXCEPT a(n) A) minor seeking treatment for a sexually transmitted disease. B) emancipated minor seeking treatment for breast enlargement. C) minor seeking treatment for alcohol and substance abuse. D) minor seeking treatment for breast reduction.
D) minor seeking treatment for breast reduction.
Dr. Sam Vineyard improperly performed a knee replacement surgery, which caused the patient to develop an infection that lead to the amputation of the leg and thigh. The best term to describe the action performed is A) nonfeasance. B) malpractice. C) malfeasance. D) misfeasance.
D) misfeasance.
Which two theories of negligence are used to hold health care facilities accountable for the actions of its employees? A) invasion of privacy and fraud B) defamation and fraud C) assault and battery D) respondent superior and corporate negligence
D) respondent superior and corporate negligence
Which of the following is an example of the breach of confidentiality? A) a nurse speaking with the physician in the patient's room B) the admission clerk verifying over the phone that the patient is in-house C) the hospital operator paging code blue in room 3 north D) staff members discussing patients' information in the elevator
D) staff members discussing patients' information in the elevator
According to the American Reinvestment Recovery Act, all of the following are elements of a compliance report relating to privacy and security of health information with the exception of A) the number of complaints resolved informally. B) the number of complaints. C) the number of compliance reviews conducted and the outcome. D) the number of audits that are anticipated to be performed.
D) the number of audits that are anticipated to be performed.