HIM 226 FINAL
red flag rules
-alerts/notifications/warnings from a consumer reporting agency-suspicious documents-suspicious personally identifying info such as suspicious address-unusual use of, or suspicious activity relating to, a covered account-notices from customers, victims of identity theft, law enforcement authorities, or other businesses about possible identity theft in connection with an account.
general principles of risk mgmt
-identify areas of operational/financial risk or loss to facility, patients, visitors, employees-to implement measures to lessen effects of unavoidable risks and losses-prevents recurrences of those risks or losses-cover inevitable losses at lowest cost
FALSE
AHIMA reinforces patient rights of access to their own info when the health record is in electronic format.
TRUE
An original goal of HIPAA administration simplification was to standardize the electronic transmission of health data.
values
Concepts that give meaning to a person's life, based in society/family/religion, conflict may arise when these differ between countries or groups - basis for ethics, morals, etiquette and law - hard work, honesty, sincerity, genuineness, cleanliness
TRUE
The Security Rule requirement for effective information security policies encompasses the concept by handling data destruction.
ethics
The formal study of moral choices that conform to standards of conduct, listening to one's conscience & making judgements between right & wrong, basis in philosophy, choice is internal, breaking codes results in disapproval of at least one segment of society - no universal right answer exists that can be applied to every situation
morals
The principles, fundamental standards of right conduct that individuals internalize, based in religious belief and personal choice, ethics put morals into practice by making judgments with clarity and consistency
etiquette
The social code of custom and ritual, based in society, now humans relate to one another under certain circumstances, courtesy, politeness, proper dress (wedding, presidential inauguration), social code
physician-patient privilege
applies to the introduction of evidence at trial and is used to prevent the forced disclosure or testimony about info obtained by the healthcare provider during the course of treatment.
jurisdiction
authority by which courts and judicial officers may hear and decide a case
personal health record
a collection of a patient's important health info that can be drawn from multiple sources and that is managed, shared and controlled by or primarily for the individual patient.
misdemeanors
a crime of a less serious nature punishable by a fine or a term of imprisonment of less than a year.
electronically stored information
a distinct category of information that includes emails, web pages, word processing files and data magnetic disks.
fraud and abuse
a false misrepresentation of fact that is relied on by another to that person's detriment and is a departure from reasonable use. this false misrepresentation of fact may take the form of words or conduct.
hybrid record
a health record that is part paper-based and part electronic.
common law
a law found in the decisions of the courts rather than in statutes, judge made law
private law
a law that regulates conflicts between private parties (contract law, tort law)
statutory law
a legislative act passed by Congress
alternative dispute resolution
a practice involving several methods of resolving conflicts and disagreements to the satisfaction of all parties without using the court system. an acceptable option to resolve cases via court system for civil cases.
TRUE
a show cause order is a court decree directing a person or organization to appear in court and explain why the court should not take a proposed action.
patient's rights
addressed in terms of confidentiality and privacy. Role of patient has changed. Limitations on patient participation in care like insurance pre-approval requirements, third party payer controlling funds, approval for hospital admit. Expanded recognition, rise in consumer activism, move away from paternalism in medicine. Entitled to decide for herself-consent to treatment or refuse care.
TRUE
an HIM professional possesses an ethical obligation to protect patient privacy and the confidential info contained in the patient's health record.
court order
an adjudication by the court - the ruling by a court with respect to a motion or any other question before it for determination during the course of a proceeding.
motion to quash
an approved method to challenge the validity of a subpoena duces tecum.
risk management
an improvement technique designed to achieve two purposes: identify areas of operational and financial risk or loss to a healthcare facility and its patients, visitors, and employees - and - implement measures to lessen the effects of unavoidable risks and losses, prevent recurrences of these risks or losses, and cover inevitable losses, at the lowest cost. it is a management function that is outcome oriented.
quality management
an improvement technique that examines patterns of activity to define optimum performance and determine how to achieve that performance. it is a clinical function that is process oriented and focuses on the improvement of patient care.
TRUE
an individual's request that a covered entity attach an amendment to his or health health record can be denied if the PHI in question was not created by the covered entity.
sentinel event
an unexpected occurrence involving death or serious physical or psychological injury, or other risks thereof, serious injury includes loss of limb or limb function.
hospital-patient relationship
begins when the patient is voluntarily admitted to the hospital and agrees to pay for the treatment to be rendered. the relationship ends when the patient leaves the hospital through discharge or against medical advice.
physician-patient relationship
begins when the patient request treatment and the physician agrees to render treatment.
law
body of rules of action or conduct with binding legal force, choice is external: based in a controlling authority (legislature), minimum level of expectations for right and wrong, to control behavior and protect the public, breaking results in penalties enforced by law. 2 types in US, public and private.
health record content
characteristics essential to constitute an adequate medical record
steps in ethical decision making
clearly define issues, determine facts of situation, determine stakeholders/values at stake/obligations, determine/evaluate options, decide what should be done, justify decision, implement decision, evaluate outcome, examine how to prevent recurrence
utilization review
clinical review of the appropriateness of admission and planned use of resources that can be and often is initiated prior to admission and conducted at specific time frames.
subpoena
command issued by a court or other authorized official to appear and/or present certain docs and other things
nonintential torts
committed by persons who lack the intent to do something wrong
difference between comparative/distributive justice
comparative justice provides resources to those that need it most over those that do not. distributive justice ensures that resources are given out equally among all involved.
steps in civil lawsuit
complaint - discovery - pretrial conference - trial - appeal - satisfying the judgment
authentication
confirms entry either by written signature, initials or computer generated signature code
comparative vs contributory negligence
contributory is conduct of plaintiff that contributes in part to injury plaintiff rec'd and cause plaintiff to lose even if prove every element of claim. comparative builds on concept above but not as harsh result. rather than lose case, plaintiff receives reduce amt of damages. comparative measure by %. under both, negligence of plaintiff not in question. comparative give some compensation, contributory doesn't.
TRUE
court order authorizes disclosure...subpoena does not
TRUE
credentialing applies to medical staff appts, medical staff reappointments and the granting of specific clinical privileges.
subpoena duces tecum
cues tecum means bring with you under penalty. a written command requiring a witness to come to court to testify and at that time to produce for use as evidence the papers, documents, books or records listed in the subpoena. often used in the context of him to command the custodian of the records to produce a particular record at trial or deposition and provide testimony to the authenticity of the record produced.
summons
document used to start a civil action and acquire jurisdiction over a defendant.
FALSE
each state has trial courts, intermediate courts of appeal and supreme courts.
electronic vs paper based records
electronic on disc, paper must be copied
benefits of effective compliance program
ensures estab of effective internal controls that promote adherence to local, state and fed laws and regs and program requirements of fed, state and private health plans. provider reduce exposure to civil damages and penalties, criminal sanctions and admin remedies. greater ability to assess/improve efficiency, effectiveness and quality of patient services
TRUE
ethical coeds of professional associations define the ethical and moral standards of the profession.
record retention policies
general principles determining the length of time health data, and the health records in which those data are stored, must be maintained by the healthcare provider.
specialized patient records
health records of patients undergoing treatment for certain illnesses, such as substance abuse, mental illness, or in nonacute care settings, such as the patient's home. these records are subject to different legal requirements from those in an acute care setting.
authorship
identifies the healthcare provider who has made the entry, either in writing, by dictation, by keyboard, or by keyless data entry.
TRUE
if a patient files a lawsuit about their own health condition then doctor can speak about it.
ethical role of supervisor
in an organization, role model, encourage ethical behavior and monitor employee conduct.
FALSE
incident reports are kept in the patient record.
autonomy
independence, self-determination, freedom - main elements are ability to decide, power to actualize/implement a decision, respect for the autonomy of others
protected health info (PHI)
individually identifiable health info that is transmitted by electronic media, maintained in electronic medium, or transmitted or maintained in any other form or medium.
TRUE
justice refers to the obligation to be fair to all people.
statutes of limitation
law that sets forth a fixed time period in which a lawsuit must be brought.
defamation
libel or slander, the written or oral publication, false or intentional, of anything that is injurious to the good name or reputation of another person.
TRUE
the privacy rule state that an individual has the right to receive an accounting of certain disclosures made by a covered entity within the 3 years prior to the date on which the accounting is requested.
False Claims Act
linchpin for prosecution of healthcare fraud and abuse. used to protect govt against those who charge for services not rendered and often used in Medicare/medicaid context. violated by knowingly submitting false or fraudulent claim to govt or by making false statement in order to get claim approved or paid.
malpractice
misconduct involving a professional who fails to follow a standard of care prevalent for his or her profession that results in harm to another person.
difference between specialized patient records and general health record
nature of the information present in the record. specialized also contain therapeutic, mental and emotional info in addition to truly medical info in general record. volume of this therapeutic mental/emotional info ofter greater than what in gen health record. specialized raises storage concerns due to volume in turn affecting record retention policies. who makes entries in the records. gen record by profs license/certified. specialized record also have paraprofs entries like teachers/counselors. specialized subject to stricter confidentiality requirements than gen record.
business associate
one who performs or assists in performing a function or activity involving the use of disclosure of individually identifiable health information on behalf of a covered entity. is not a member of the health-care provider's workforce, such as employee, trainee, or volunteer. services provided by associate may be billing, claims processing, data analysis, utilization review and quality assurance, legal, actuarial, accounting, consulting or management.
digital imaging
permits a paper document to be scanned on a device that works similarly to a photocopier.
admissible
pertinent and proper evidence. rules of evidence determine if evidence is pertinent and proper.
steps in utilization review process
preadmission review - admission review - concurrent review - discharge planning - audits/reviews
double effect principle
recognizes that ethical choices may result in unexpected/unintended outcomes. when the actual outcome is not the intended outcome but a secondary outcome. this is outweighed by the intended positive or neutral outcome.
competent individual
right to consent to treatment, right to refuse treatment and right to access his or her own PHI
true
security of health information falls within the traditional role of the health information manager.
conflict of interest
self interest vs. obligation to group, use of position to promote self interest, appearance of impropriety. examples are accepting favors from a vendor or second job w/competitor. one of the most significant ethical challenges. actual vs potential
state retention requirements
should be considered first when establishing health record retention policies.
ethical challenges
situations in which no clear-cut answer exists and an individual is required to make a choice between two or more equally unfavorable alternatives or between a neutral alternative and a tempting but unfavorable alternative.
ethical guidelines
standards of conduct issued by professional organizations to guide their members' future course of action.
defenses commonly raised in lawsuits involving healthcare providers
statute of limitation (fix time lawsuit can be brought is passed), charitable immunity (keeps assets intended for charity purposes not be used for improper reasons), governmental immunity (preclude plaintiff meritorious lawsuit against govt entity unless entity consents to suit), good samaritan statutes (protect physician/rescuers from civil liability from acts/omissions in render emerg care), contributory and comparative negligence, assumption of risk (plaintiff voluntary exposes self to known/appreciated danger), apologies (permit phys to apologize to fam/pat without fear of liability)
TRUE
telemedicine is the use of electronic communications and info technologies to provide or support clinical care at a distance.
equal employment opportunity act
the 1972 amendment to the civil rights act of 1964 prohibiting discrimination in employment on the basis of age, race, color, religion, sex, or national origin.
public law
the body of rules and principles governing the rights and duties between government and a private party, or between two parts or agencies of government. it defines appropriate behavior between citizens, organizations, and government. (criminal law, constitutional law, substantive law, and procedural law).
legal health record
the business record generated at or by the health0care provider or organization that addresses the patient's episode of care that was delivered by the provider or organization.
invasion of privacy
the dissemination of information about another person's private, personal matters.
fair labor standards act of 1938
the federal legislation that sets the minimum wage and overtime payment regulations.
confidentiality
the obligation of the healthcare provider to maintain patient information in a manner that will not permit dissemination beyond the healthcare provider. duty belonging to the healthcare provider.
TRUE
the privacy office is responsible for handling complaints about the covered entity's violations of the privacy rule, developing and implementing privacy policies and procedures, and providing info about the covered entity's privacy practices.
appeal
the process by which a higher court is requested by a party to a lawsuit to review the decision of the lower court. such reconsideration is normally confined to a review of the record from the lower court, with no new testimony taken and no new issues raised. review by the higher court may result in affirmation, reversal, or modification of the lower court's decision.
privacy
the right to be let alone and other times as the right to control personal information. a right belonging to the patient.
damages
the sum of money that may be recovered in the courts as financial reparation for an injury or wrong suffered as a result of breach of contract or tort.
medical abandonment
the unilateral severing, by the physician, of the physician-patient relationship without providing the patient with reasonable notice at a time when there is a necessity for continuing care.
mediation
the use of a neutral third party to assist both sides of a dispute in resolving their differences and reducing their resolution to writing. the resolution is based on the parties' agreement.
TRUE
the use or disclosure of PHI for marketing does not require written authorization for face-to-face communications with the individual.
release of information
the written consent form that permits the dissemination of confidential health information to third parties. the components of a valid release of information are determined by state law and federal and state regulation.
spoliation
the wrongful destruction or material alteration of evidence or the failure to preserve property or data for another's use as evidence when litigation is pending or reasonably foreseeable. a hospital employee may destroy record so contents damaging to employee not be used at trial. in legal terms, employee actions. intentional destruction, mutilation, alteration, concealment of info relevant to legal proceeding.
discovery
those devices or tools used by one side to obtain facts and information about the case from the other side in order to prepare for trial. process used by parties to obtain information that relates to the subject matter of a lawsuit or an administrative agency proceeding.
information security policies
those policies that define the framework around which an information security program is managed.
TRUE
under the privacy rule, a healthcare provider does not have to obtain a patient's consent to use or disclose PHI for fundraising, marketing or treatment, payment or healthcare ops. they only have to provide notice of privacy practices.
how esi differs from paper info
volume (esi not take up as much space), variety of sources (electronic reside in multiple places-laptops, servers, backup tapes etc), dynamic quality (ability to chg/mutate data), hidden info (metadata and embedded data), reliance upon systems (complex esi only comprehensive/usable if not separate from system that created it), deletion (esi recoverable from many sources even if deleted from medium orig stored)
informed consent
when patients themselves decide to consent to or forgo treatment.
TRUE
with regard to training in PHI policies and procedures, every member of the covered entity's workforce must be trained.
advanced directives
written instructions recognized under state law, such as living wills or durable powers of attorney for healthcare, that relate to the kind of healthcare the patient wishes to have or not have when incapacitated.
code of ethics
written list of a profession's values and standards of conduct