RHIA
Res judicata
"Matter already judged"; a legal doctrine that bars litigation between the same parties on matters already determined in a former lawsuit In the case of res judicata, the matter cannot be raised again, either in the same court or in a different court. A court will use res judicata to deny reconsideration of a matter.
Access control
-The first Technical Safeguard Standard of the HIPAA Security Rules -Responsibility for all healthcare providers to allow access only to those users (or software programs) that have been granted access rights
Middle process of revenue cycle
-ensure accurate & complete coding -identify reimbursable services -manage medical malpractice
Physical Safeguards
-make sure data is physically protected =security systems and video surveillance, door and window locks, locations of servers and computers -polices about mobile devices and removing hardware and software from certain locations
Device and media controls
-physical safeguards -requires covered entities to develop policies and procedures that will guard the electronic protected health information (EPHI) on both hardware and movable media
Administrative Safeguards
-polices and procedures that help protect against a breach -determine documentation processes, roles, and responsibilities, training requirements, data maintenance policies and more -ensure that physical and technical protections are implemented properly and consistently -document retention
Technical Safeguards
-technology and related polices that protect data from unauthorized access
A breach occurs when unsecured protected health information is accessed or released. The Secretary of HHS and local media must be notified if this threshold of patient records breached has been met or exceeded.
500
fee schedule
A list of charges or established allowances for specific medical services and procedures
Temporary
A one-time revision that affects the budget in the current fiscal year only
What term is used to represent a difference between the budgeted amount and the actual amount of a line item that is not expected to reverse itself during a subsequent period?
A permanent variance
Deliverables
A tangible output produced by the completion of project tasks
All of the following are examples of 501(c)(3) organizations, except: AHIMA Habitat for Humanity the Red Cross the American Cancer Society
AHIMA
What is a measure of efficiency for revenue cycle?
Accounts receivable days
Damages awarded in a malpractice negligence case intended to restore the person to her position before the injury occurred is known as:
Actual damages
What type of access safeguard is more people-focused in nature? a. Technical b. Administrative c. Physical d. Addressable
Administrative safeguards are people-focused and include requirements such as training and assignment of an individual responsible for security
ADT Interface
Admission Discharge Transfer (ADT) Interface Used to maintain MPI Covers a lot of use cases such as admissions, cancellation of admits, merging of patient data, etc.
Conversion factor
An across-the-board multiplier that sets the allowance for the relative values - a constant
Compliance Audit
An audit to measure the compliance of the organization with some established criteria (e.g., laws and regulations, or internal control policies and procedures).
external audit
An evaluation conducted by one organization, such as a CPA firm, on another.
University Medical Center contracts with the XYZ Corporation for a clinical information system. The hospital pays a fixed monthly fee. XYZ owns the hardware and hosts the application software using the Internet. The Medical Center accesses the system through onsite workstations. In this situation, XYZ Corporation is a(n): a. Application service provider b. Neural network c. Health information system database d. Clinician portal
Answer: A
Community Hospital wants to provide transcription services for transcription of office notes of the private patients of physicians. All of these physicians have medical staff privileges at the hospital. This will provide an essential service to the physicians as well as provide additional revenue for the hospital. In preparing to launch this service, the HIM director is asked whether a business associate agreement is necessary. Which of the following should the hospital HIM director advise to comply with HIPAA regulations? a. Each physician practice should obtain a business associate agreement with the hospital. b. The hospital should obtain a business associate agreement with each physician practice. c. Because the physicians all have medical staff privileges, no business associate agreement is necessary. d. Because the physicians are part of an Organized Health Care Arrangement (OHCA) with the hospital, no business associate agreement is necessary.
Answer: A If physicians were to dictate information on patients they are treating in the facility, the disclosure of protected health information to the transcriptionists would be considered healthcare operations and, therefore, permitted under the HIPAA Privacy Rule. If physicians, who are separate covered entities, are dictating information on their private patients, however, it would be necessary for physicians to obtain a business associate agreement with the facility. It is permitted by the Privacy Rule for one covered entity to be a business associate of another covered entity
The Security Rule leaves the methods for conducting the security risk analysis to the discretion of the healthcare entity. The first consideration for a healthcare facility should be: a. Its own characteristics and environment b. The potential threats and vulnerabilities c. The level of risk d. An assessment of current security measures
Answer: A Before an organization can decide on the methods for conducting the security risk analysis, they must consider their own characteristics and environment and implement reasonable and appropriate measures to protect against reasonably anticipated threats and hazards to the security of PHI. The security risk analysis process provides covered entities and business associates with the structural framework upon which to build their security plan
One strategy for acquiring EHR components from various vendors and interfacing them is: a. Best-of-breed b. Best-of-fit c. Dual core d. Integration
Answer: A Best-of-breed is when an organization has acquired the "best" products from various vendors. The result is that each individual organizational unit may be happy with its chosen product, but as the organization moves toward adding clinical components that rely on the various other systems as a source of data or to which data must be sent, the challenge to exchange such data can be overwhelming
Which of the following is used to reconcile accounts in the patient accounting department? a. Explanation of benefits b. Medicare code editor c. Preauthorization form d. Fee schedule
Answer: A In the claims reconciliation process, the healthcare facility uses the explanation of benefits, Medicare Summary Notice, and the remittance advice to reconcile accounts
A hospital currently includes the patient's social security number on the face sheet of the paper medical record and in the electronic version of the record. The hospital risk manager has identified this as a potential identity breach risk and wants the information removed. The physicians and others in the hospital are not cooperating, saying they need the information for identification and other purposes. Given this situation, what should the HIM director suggest? a. Avoid displaying the number on any document, screen, or data collection field b. Allow the information in both electronic and paper forms since a variety of people need this data c. Require employees to sign confidentiality agreements if they have access to social security numbers d. Contact legal counsel for advice
Answer: A It is generally agreed that Social Security numbers (SSNs) should not be used as patient identifiers. The Social Security Administration is adamant in its opposition to using the SSN for purposes other than those identified by law. AHIMA is in agreement on this issue due to privacy, confidentiality, and security issues related to the use of the SSN
Working with the healthcare entity's integration team to ensure that ADT interfaces are properly built and tested is the responsibility of the: a. MPI manager b. EHR analyst c. IT manager d. Electronic forms manager
Answer: A Monitoring and managing a master patient index (MPI) also requires constant vigilance from the organization, including oversight, evaluation, and correction of errors. The overall responsibility of maintaining the MPI should be centralized and given to an individual who is detail oriented, is properly trained, has access to adequate tools, and is well versed in the organization's policies and procedures for MPI maintenance. Working with the organization's integration team to ensure ADT interfaces are properly built and tested is a key responsibility of the MPI manager
An HIM professional violates privacy protection under the HIPAA Privacy Rule when he or she releases ________ without specific authorization from the patient(s) or patient representative(s). a. A list of newborns to the local newspaper for publication in the birth announcements section b. Data about cancer patients to the state health department cancer surveillance program c. Birth information to the country registrar d. Information about patients with sexually transmitted infections to the county health department
Answer: A The Privacy Rule provides patients an opportunity to agree or object to specific types of disclosure. These do not require a written authorization; verbal authorization is acceptable. However, communication with the patient regarding these types of disclosures and the patient's decision should be documented in the health record or other appropriate manner of documentation
An audit trail is a good tool for which one of the following? a. Holding an individual patient accountable for actions b. Reconstructing electronic events c. Defending the corporation against an IRS audit d. Stopping attacks from the intranet to the Internet
Answer: B An audit trail is a record that shows who accessed a computer system, when it was accessed, and what operations were performed. These can be categorized as follows: individual accountability, reconstructing electronic events, problem monitoring, and intrusion detection
The relationship between patient gender and readmission to the hospital is best displayed using a: a. Frequency chart b. Contingency table c. Bar chart d. Pie chart
Answer: B Contingency tables are a useful method for displaying the relationship between two categorical variables. Contingency tables are often referred to by the number of rows and columns
A dietary department donated its old microcomputer to a school. Some old patient data were still on the microcomputer. What controls would have minimized this security breach? a. Access controls b. Device and media controls c. Facility access controls d. Workstation controls
Answer: B HIPAA requires the implementation of policies and procedures for the removal of hardware and electronic media that contain ePHI into and out of a facility. There are four implementation specifications within this standard: disposal, media reuse, accountability, and data backup and storage. In this case the organization did not follow policies for the removal of hardware and electronic media
A possible justification for building an information system in-house rather than purchasing one from a vendor is that: a. It is cheaper to buy than to build b. The facility has development teams they do not want to give up c. Integration of systems will be easier d. Vendor products are not comprehensive enough
Answer: B Most organizations recognize that commercial products can meet their needs and that most of these products will far surpass the functionality that could be self-developed. Still, some organizations want to at least consider the build option. Some physicians are intrigued with developing their own perfect system, and some hospitals have development teams they do not want to give up. An organization's decision to build or buy should be based on a careful review of the marketplace. Currently, it is more expensive to undertake self-development. Unless self-development is coupled with a vendor partnership that leads to commercialization, a selfdeveloped system can be a drawback when attempting to integrate with commercial products as the organization grows, merges, or acquires affiliates
Under the HIPAA Security Rule, these types of safeguards have to do with protecting the environment: a. Administrative b. Physical c. Security d. Technical
Answer: B Physical safeguards have to do with protecting the environment, including ensuring applicable doors have locks that are changed when needed and that fire, flood, and other natural disaster preparedness is in place (for example, fire alarms, sprinklers, smoke detectors, raised cabinets). Other physical controls include badging and escorting visitors and other typical security functions such as patrolling the premises, logging equipment in and out, and camera-monitoring key areas. HIPAA does not provide many specifics on physical facility controls but does require a facility security plan with the expectation that these matters will be addressed
Which of the following represents data flow for a hospital inpatient admission? a. Registration > diagnostic and procedure codes assigned > services performed > charges recorded b. Registration > services performed > charges recorded > diagnostic and procedure codes assigned c. Services performed > charges recorded > registration > diagnostic and procedure codes assigned d. Diagnostic and procedure codes assigned > registration > services performed > charges recorded
Answer: B The data flow for a hospital inpatient can begin in several ways. Data collection starts in the registration department if patients are a direct admission for their physician's office or hospital outpatient department. Data collection begins in the emergency room if the patients arrive at the hospital, are assessed in the emergency room, and are admitted as an inpatient. No matter where the data collection begins, the same patient demographic information is collected. During the course of the inpatient stay, patient care is delivered and data is captured. As care is delivered and procedures are performed, charges are entered either by nursing staff or the personnel performing the procedure. After the patient is discharged, diagnosis and procedure codes are assigned.
A hospital health information department receives a subpoena duces tecum for records of a former patient. When the health record professional goes to retrieve the patient's medical records, it is discovered that the records being subpoenaed have been purged in accordance with the state retention laws. In this situation, how should the HIM department respond to the subpoena? a. Inform defense and plaintiff lawyers that the records no longer exist b. Submit a certification of destruction in response to the subpoena c. Refuse the subpoena since no records exist d. Contact the clerk of the court and explain the situation
Answer: B Those who choose to destroy the original health record may do so within weeks, months, or years of scanning. If the record was destroyed according to guidelines for destruction and no scanned record exists, the certificate of destruction should be presented in lieu of the record
Employees, volunteers, trainees, and other persons performing functions on behalf of covered entities and business associates, whether paid or not, are considered to be: a. Consultants b. Workforce c. Immune from prosecution under HIPAA d. Vendors
Answer: B When applying HIPAA, covered entities must also consider members of their workforce who may not be limited only to employees. The Privacy Rules defines workforce as employees, volunteers, trainees, and other persons whose conduct in the performance of work for a covered entity (CE) or business associate is under the direct control of such CE or business associate whether or not they are paid by the CE or business associate
Patient accounting is reporting an increase in national coverage decisions (NCDs), and local coverage determinations (LCDs) failed edits in observation accounts. Which of the following departments will be tasked to resolve this issue? a. Utilization management b. Patient access c. Health information management d. Patient accounts
Answer: C
Jack Mitchell, a patient in Ross Hospital, is being treated for gallstones. He has not opted out of the facility directory. Callers who request information about him may be given: a. No information due to the highly sensitive nature of his illness b. Admission date and location in the facility c. General condition and acknowledgment of admission d. Location in the facility and diagnosis
Answer: C A facility may maintain a facility directory of patients being treated. HIPAA's Privacy Rule permits the facility to maintain in its directory the following information about an individual if the individual has not objected: name, location in the facility, and condition described in general terms. This information may be disclosed to persons who ask for the individual by name
Which of the following statements describes a critical skill for a strategic manager? a. Ability to change direction quickly b. Ability to deliver results on budget c. Ability to envision relationships between trends and opportunities d. Ability to design jobs and match peoples' skills to them
Answer: C Strategic managers develop skills reflecting the implications and opportunities afforded by trends. Whether reading a journal or discussing new ideas with others, strategic managers are always testing new ideas, identifying those that have merit, and discarding those that do not. They are creating links between the trends and the value-adding actions they can take
What architectural model of health information exchange allows participants to access data in point-to-point exchange? a. Consolidated b. Federated—consistent databases c. Federated—inconsistent databases d. Switch
Answer: C The Federated—inconsistent databases—model for HIE includes multiple enterprises agreeing to connect and share specific information in a point-to-point manner
Sometimes federal and state health information privacy laws and regulations are in conflict. When this is the case one law must take precedence. For health information privacy this is determined as follows: a. The federal law always takes precedence b. The state law always takes precedence c. The law that gives the consumer greater rights with respect to their PHI takes precedence d. The facility can choose to follow either the state or federal law
Answer: C The Privacy Rule does not pre-empt or take precedence over the stricter or more stringent state statutes if the statutes provide individuals with greater privacy protections and give individuals greater rights with respect to their PHI
The Privacy Rule generally requires documentation related to its requirements to be retained: a. 3 years b. 5 years c. 6 years d. 10 years
Answer: C The Privacy Rule uses six years as the period for which Privacy Rule-related documents must be retained. The six-year time frame refers to the latter of the following: the date the document was created or the last effective date of the document. Such documents include policies and procedures, the notice of privacy practices (NPP), complaint dispositions, and other actions, activities, and designations that must be documented per Privacy Rule requirements
Placing locks on computer room doors is considered what type of security control? a. Electronic access control b. Workstation control c. Physical access control d. Security breach
Answer: C The facility security plan should document the use of physical access controls. To meet the implementation specification, organizations should consider methods such as lock and key controls, security tagging equipment, using video cameras for surveillance, monitoring identification badges, and the use of human workforce to perform facilities security checks
Linda Wallace is being admitted to the hospital. She is presented with a Notice of Privacy Practices. In the Notice, it is explained that her PHI will be used and disclosed for treatment, payment, and operations (TPO) purposes. Linda states that she does not want her PHI used for those purposes. Of the options listed here, what is the best course of action? a. The hospital must honor her wishes and not use her PHI for TPO. b. The hospital may decline to treat Linda because of her refusal. c. The hospital is not required to honor her wishes in this situation, as the Notice of Privacy Practices is informational only. d. The hospital is not required to honor her wishes for treatment purposes but must honor them for payment and operations purposes.
Answer: C Treatment, payment, and healthcare operations (45 CFR 164.501)—collectively referred to as TPO—are functions of a covered entity (CE) that are necessary for the CE to successfully conduct business. It is not the intent of the Privacy Rule to impose onerous rules that hinder a CE's functions. Therefore, many of the Privacy Rule's requirements are relaxed or removed where PHI is needed for purposes of TPO
The HIPAA methods titled Expert Determination and Safe Harbor are ways in which the following can be achieved legally. a. Data analysis b. Reidentification c. Deidentification d. Public health reporting
Answer: C Expert Determination and Safe Harbor are Office of Civil Rights sanctioned HIPAA Privacy Rule deidentification methods. Deidentified information neither identifies nor provides a reasonable basis to identify an individual. There are two ways to deidentify information. (1) A formal determination is made by a qualified statistician. (2) The removal of specified identifiers of the individual and of the individual's relatives, household members, and employers is required, and is adequate only if the covered entity has no actual knowledge that the remaining information could be used to identify the individual
This federal agency is charged with responsibility for the oversight and enforcement of the HIPAA privacy regulations. a. The Office of the National Coordinator for Health Information Technology b. The Centers for Medicare and Medicaid Services c. The HHS Office of Civil Rights d. The HHS Office of the Inspector General
Answer: C The Office of Civil Rights of the Department of Health and Human Services has been given responsibility for the oversight and enforcement of the HIPAA regulations
Physicians use the ________ to access multiple sources of patient information within the healthcare organization's network. a. Data repository b. Clinical information system c. Data warehouse d. Clinician portal
Answer: D
This analytic technique is being used by CMS to assist in prepayment audits? a. Descriptive statistics b. Graphical analysis c. Exploratory data analysis d. Predictive modeling
Answer: D Predictive modeling applies statistical techniques to determine the likelihood of certain events occurring together. Statistical methods are applied to historical data to learn the patterns in the data. These patterns are used to create models of what is most likely to occur
Which request for proposal (RFP) component would fit the following description: Describe how your product supports the ability to register a patient in the clinic, admit the patient using the same health record number and demographic information, and share the medication list for medication reconciliation with the nursing home to which the patient is discharged. a. Application support b. Operational requirements c. Technical specifications d. Use case
Answer: D The use case is based on the organization's redesigned processes and ask the vendor how its products would perform the inherent functions. The approach is useful for avoiding yes and no responses.
A clinic has a contract with the city government to perform all new employee physicals and work injury evaluations. Is it appropriate that a patient's family history of cancer be reported to the employer? a. No, because this information is considered PHI b. No, unless the cancer diagnosis is still active c. Yes, because the employer has the right to access all information on its employees d. Yes, unless the employer has allowed for such exclusion
Answer: D Unless the employer has allowed for such exclusion, it is appropriate that a patient's family history of cancer be reported to the employer. In this case the patient is being treated or examined at the request of the employer so the employer is a business associate of the clinic
Which legal doctrine was established by the Darling v. Charleston Community Hospital case of 1965? a. Hospital-physician negligence b. Clinical negligence c. Physician-patient negligence d. Corporate negligence
Answer: D Corporate negligence is a legal doctrine that was established by a judicial decision handed down in the 1965 court case Darling v. Charleston Community Hospital. The court in this case ruled specifically that hospital governing boards have a duty to institute a means to evaluate and council medical staff who personally perform services on a patient that results in harm due to unreasonable risk. Hospitals may be held liable when a member of the medical staff fails to meet established standards of patient care
By querying the healthcare entity data, you find that patients admitted on a weekend have a mean length of stay that is 1.3 days longer than patients who are admitted Monday through Friday. This method of finding information is called: Data mining or SQL?
Answer: Data mining In data mining, the analyst performs exploratory data analysis to determine trends and identify patterns in the data set. Data mining is sometimes referred to as knowledge discovery. In healthcare, data mining may be used to determine if it is cost effective to expand facilities
Non-repudation
Authentication of EHR - document cannot later be denied by originator or receiver
Tort
Branch of civil law that is concerned with civil wrongs
Which data collection program is the basis for the CMS value-based purchasing program? a. Leapfrog b. HEDIS c. Hospital Compare d. HCUP
C
Changes and updates to ICD-10-CM are managed by the ICD-10-CM Coordination and Maintenance Committee, a federal committee cochaired by representatives from the NCHS and:
CMS
What is the term for contracts that separate out certain types of healthcare services to decrease MCO's risk?
Carve out
Diversity Jurisdiction
Citizens from different states are engaged in a lawsuit and: -no plaintiff is from the same state as any of the defendants and the amount in controversy is at least 75k
Computer output laser disk/enterprise report management (COLD/ERM) technology
Computer output laser disk/enterprise report management (COLD/ERM) technology electronically stores, manages, and distributes documents that are generated in a digital format and whose output data are report-formatted and print-stream originated. COLD/ERM technology not only electronically stores the report-formatted documents but also distributes them with fax, e-mail, web, and traditional hard copy print processes
Private (civil) law
Concerns the rights and duties between private parties businesses, non-criminal law torts, contracts, intellectual property
In assessing the quality of care given to patients with diabetes mellitus, the quality team collects data regarding blood sugar levels on admission and on discharge. This data is called a(n): a. Indicator b. Measurement c. Assessment d. Outcome
Correct Answer: A An indicator is a performance measure that enables healthcare organizations to monitor a process to determine whether it is meeting process requirements. Monitoring blood sugars on admission and discharge is an indicator of the quality of care delivered to the diabetes patient during the stay
In the APC system, a high-cost outlier payment is paid when which of the following occurs? a. The cost of the service is greater than the APC payment by a fixed ratio and exceeds the APC payment plus a threshold amount. b. The LOS is greater than expected. c. The charges for the services provided are greater than the expected payment. d. The total cost of all the services is greater than the sum of APC payments by a fixed ratio and exceeds the sum of APC payments plus a threshold amount.
Correct Answer: A An outlier payment is paid when the cost of the service is greater than the ambulatory payment classification (APC) payment by a fixed ratio and exceeds the APC payment plus a threshold amount
The concept of legal hold requires: a. Special, tracked handling of patient records involved in litigation to ensure no changes can be made b. Attorneys for healthcare entities to stop all activity with records involved in litigation c. All records involved in litigation to be printed and held in a locked cabinet d. To not allow further documentation to occur in any record involved in litigation
Correct Answer: A The legal hold requires special, tracked handling of patient records to ensure no changes can be made in a record involved in litigation. This is common in the paper record environments to substantiate the integrity of the record and less common in the electronic environment where audit logs are the standard. Record managers need to address the use of legal hold for patient records in any information mode or medium
If an analyst is studying the wait times at a clinic and the only list of patients available is on hard copy, which sampling technique is the easiest to use? a. Survey sampling b. Systematic sampling c. Cluster sampling d. Stratified sampling
Correct Answer: B A systematic random sample is a simple random sample that may be generated by selecting every fifth or every tenth member of the sampling frame. In order to ensure that a systematic random sample is truly random, the sample frame should not be sorted in an order that might bias the sample
Data-mining efforts of recovery audit contractors (RAC) allow them to deny payments without ever reviewing a health record based on the information they gather without having access to the record. Which of the following would be an example of a potential denial based on information the RAC contractor would have without the health record? a. A coder assigning the wrong DRG for a patient b. Billing for two colonoscopies on the same day for the same Medicare beneficiary c. An inaccurate principal diagnosis d. A principal procedure code
Correct Answer: B As healthcare organizations throughout the country have become more computer savvy, so too has the federal government. The data-mining efforts of the recovery audit contractors (RACs) allow them to deny payments without ever reviewing a health record. For example, duplicate billing, such as billing for two colonoscopies on the same day for the same Medicare beneficiary, is easy to identify as a potential improper payment. Through the use of the RACs' proprietary software, RACs are able to detect improper payments. Underpayment and overpayment amounts can be subject to an automated review
Using the staff turnover information in this graph, determine the next action the quality council at this hospital should take. a. Do nothing, as the data is below the external benchmark b. Coordinate a PI team to look into the cause for the high employee turnover rate in year 3 c. Coordinate a PI team to look into the cause for the drop in employee turnover rate in year 4 d. Do nothing, as the data is above the internal benchmark
Correct Answer: B The employee turnover rate is over the internal benchmark for this hospital, so a performance improvement (PI) team should be formed to determine what the causes for this increase were. This increase in the turnover rate represents an opportunity for improvement
The Joint Commission and CMS identify core measures that provide an indication of a healthcare facility's performance. Some of the core measure data sets include which of the following? a. Myocardial infarction, pneumonia, and HIV/AIDS b. Pneumonia, congestive heart failure, and gastric ulcers c. Pneumonia, congestive heart failure, and myocardial infarction d. Congestive heart failure, HIV/AIDS, and myocardial infarction
Correct Answer: C
Violation of the AHIMA Code of Ethics triggers: a. Automatic loss of AHIMA credentials b. Disciplinary actions and a fine c. A review by peers with potential disciplinary actions d. Nothing because a violation of ethics is not a big deal
Correct Answer: C A formal code of ethics ensures that professionals understand and agree to uphold an ethical standard that puts the interests of the profession before their personal interests. Violation of the AHIMA Code of Ethics triggers a peer review process
It is impossible to have health information interoperability or health information exchange without the following: a. 100 percent adoption of EHRs b. A federally mandated Data Use and Reciprocal Support Agreement c. Complete, publicly available standards d. ONC and CMS regulations
Correct Answer: C Complete, publicly available standards are required to be able to exchange data and information effectively. The market needs to focus on interoperability, the ability of different systems to work seamlessly. In health information, interoperability is expected to include transmitting the meaning of data
In healthcare, a data warehouse may be use for: a. Accounts receivable management b. Materials or inventory management c. Best practice guideline development d. Utilization review
Correct Answer: C Data warehouses are often hierarchical or multidimensional and are designed to receive very large volumes of data (often as an extraction of data from a repository) and perform complex, analytical processes on the data. Data can be mined and processed in many ways. For example, a data warehouse may be used for clinical quality improvement and best practice guideline development (Sandefer 2016, 376).
The patient has a biopsy of the colon followed by a hemicolectomy. In the ICD-10-PCS coding system, which procedure(s) are coded? a. The hemicolectomy only b. The biopsy only c. Both the biopsy and the hemicolectomy d. It depends on the results of the biopsy
Correct Answer: C ICD-10-PCS coding guideline B3.4b states that if a diagnostic Excision, Extraction, or Drainage procedure (biopsy) is followed by a more definitive procedure, such as Destruction, Excision, or Resection at the same procedure site, both the biopsy and the more definitive treatment are coded
Which of the following requires financial institutions to develop written medical identity theft programs? a. HIPAA Security Rule b. HITECH Act c. Fair and Accurate Credit Transactions Act d. HIPAA Privacy and Security Rule
Correct Answer: C In 2007, Identity Theft Red Flags and Address Discrepancy Rules were enacted as part of the Federal Fair and Accurate Credit Transactions Act (FATCA) of 2003. The FATCA requires financial institutions and creditors to develop and implement written identity theft programs that identify, detect, and respond to red flags that may signal the presence of identity theft
Which of the following do HIE participants use to search for health records on other healthcare organization systems using patient indexing and identification software? a. Admit, discharge, transfer b. Advance patient identifier c. Continuity of care document d. Record locator service
Correct Answer: D
A request for proposal (RFP) serves two important purposes: it solidifies the planning information and healthcare entity requirements into a single document, and it: a. Allows one vendor an advantage over the other potential vendors b. Delineates the entity's system requirements in such a way that a vendor is selected without review of the entire RFP pool c. Enables the healthcare entity to make decisions quickly d. Provides valuable insights into the vendors operations and products and levels the playing field in terms of asking all the vendors the same questions
Correct Answer: D A well-constructed RFP serves two important purposes. One is to solidify the planning information and organizational requirements into a single document, and the other is to provide valuable insights into the vendor's operations and products and to level the playing field in terms of asking all the vendors the same questions. This process requires skill and time
The federal physician self-referral statute is also known as the: a. Sherman Anti-Trust Act b. Deficit Reduction Act c. False Claims Act d. Stark Law
Correct Answer: D The Stark Law or Federal Physician Self-Referral Statute prohibits physicians from referring Medicare or Medicaid patients for certain designated health services to an entity in which the physician or a member of his immediate family has an ownership or investment interest, or with which he or she has a compensation arrangement, unless an exception applies
At the end of March, the HIM department has a YTD payroll budget of $100,000. The actual YTD amount paid is $95,000 because a coder resigned in February. For the past two months, the position has been filled through outsourcing. Therefore, the actual YTD amount for consulting services is $5,000, although no money was budgeted for consulting services. The reporting threshold for variances is 4 percent. The fiscal year-end is December. a. Favorable, permanent b. Unfavorable, permanent c. Favorable, temporary d. Unfavorable, temporary
Correct answer: B It is unfavorable and permanent because money that was not in the budget was spent on consulting services.
Differentiate civil and criminal law
Criminal law regulates crimes, and wrongs committed against the government. The plaintiff is always the state/federal government Civil law regulates disputes between private parties
This landmark case established that hospitals owe a duty to patients to provide quality care. The court said this includes proper accommodations, examination by skilled medical staff and review of the treatment received. This was the _____case, first applying the doctrine of _______.
Darling v. Charleston Community Memorial Hospital, corporate liability
data governance
Data governance is an emerging practice in the healthcare industry. Decision making and authority over data-related matters is data governance. It is clear that any industry as reliant on data as healthcare needs a plan for managing this asset
Fixed budget
Does not change or flex when sales or some other activity decreases; preparing a budget for the fiscal year based on past budget & expected capacity for the coming year
When an effective leader provides employees with information, responsibility, authority, and trust, this is called
Empowerment
What is the name of the notice sent after the provider files a claim that details amounts billed by the provider, amounts approved by the payer, how much the payer paid, and what the patient must pay?
Explanation of benefits
The GAAP and GAAS standards for accounting and auditing are established by the:
Financial Accounting Standards Board (FASB)
HIPAA - fundraising activities
For fundraising activities that benefit the covered entity (CE) 45 CFR 164.514 [f] permits the covered entity (CE) to use or disclose to a business associate or an institutionally related foundation, without authorization, demographic information and dates of healthcare provided to an individual. The CE must inform individuals on its notice of privacy practices (NPP) that PHI may be used for this purpose. If a fundraising activity targets individuals based on their diagnosis, prior authorization is required.
What is a characteristic of commercial healthcare insurances?
For-profit in the private sector
Federated-Consistent Databases
HIE model where organization acts much like an ASP or bank vault. Data is stored in separate vaults, but is managed centrally.
Switch
HIE organization that has no access to personal health information
Hospital Compare
Hospital Compare reports on 139 measures of hospital quality of care for heart attack, heart failure, pneumonia, and the prevention of surgical infections. The data available at Hospital Compare is reported by hospitals to meet the requirements of the Medicare Value Based Purchasing program. Hospitals that report all measures receive full payment updates from Medicare
Application service provider model
In an application service provider (ASP) model, there is much less upfront capital outlay and fewer IT staff required in-house. In fact, the ASP acquisition strategy may be considered essentially a financing model
Capital Budgets
Larger dollar purchases, useful life of one fiscal year
Uniform Electronic Transaction Act (UETA)
Makes electronic transactions as enforceable as paper transactions
Vicarious Liability
Organization responsible for negligent acts of its employees
Reviews the claim for errors using predetermined criteria
PC grouper or claim scrubber software
Which of the following is an example of an M:M relationship? Patients to hospital admissions Patients to consulting physicians Patients to hospital health records Primary care physician to patients
Patients to consulting physicians For each patient, there are many consulting physicians, for each consulting physician, there are many patients
In a partnership, all profits are considered: retained earnings reserves operational funds personal income
Personal income
DICOM (Digital Imaging and Communications in Medicine)
Protocol for transmission between imaging devices
LCD
Published by MAC to describe when and under what circumstances Medicare will cover a service (state level)
RAID
RAID is a data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both.
X12N
Referring to standards adopted for electronic data interchange
Type 1 error
Rejection of a true null hypothesis
In which type of reimbursement methodology, do healthcare insurance companies reimburse providers after the costs have been incurred?
Retrospective payment
Who is responsible for charge capture?
Staff
IEEE 1073
Standard for communication between bedside medical devices and patient care information systems.
Charge Description Master
Supplies, devices, medications Charge master reviews should be performed at least annually to review validity of CPTs
T/F: Care in a clinic is excluded from determinations of medical necessity
TRUE
LOINC
Terms and codes used for electronic exchange of lab results and clinical observations.
Focused Audit
The HIM department can plan focused reviews based on specific problem areas after the initial baseline review has been completed. This would be called a focused inpatient review
What are SOAP notes?
The Subjective, Objective, Assessment, Plan (SOAP) notes are part of the problem-oriented medical records (POMR) approach most commonly used by physicians and other healthcare professionals. SOAP notes are intended to improve the quality and continuity of client services by enhancing communication among healthcare professionals
How is the case-mix index calculated?
The case-mix index can be figured by multiplying the relative weight of each MS-DRG by the number of discharges within that MS-DRG. This provides the total weight for each MS-DRG. The sum of all total weights divided by the sum of total patient discharges equals the case-mix index. Calculation is as follows: (0.9321 × 10) + (0.7313 × 20) + (1.4261 × 10) + (0.9695 × 20) + (0.7111 × 10) = 64.709 / 70 = 0.9244 (weight x discharges) + (weight x discharges) = (weight x discharges) + (weight x discharges) + (Weight x discharges) = x / TOTAL DISCHARGES
Empowerment
The concept of providing employees with the tools and resources to solve problems themselves. In other words, employees obtain power over their work situation by assuming responsibility. Empowered employees have the freedom to contribute ideas and perform their jobs in the best possible way
Incidence rate
The incidence rate is a computation that compares the number of new cases of a specific disease for a given time period to the population at risk for the disease during the same time period
Sue presents with vaginal bleeding. An ultrasound showed a missed abortion so she is being admitted to the outpatient surgery suite for a D&C.
The patient meets the severity of illness with the vaginal bleeding but does not meet intensity of service because the surgery is not being performed as an inpatient. She would not meet the admission criteria provided.
A patient has a malunion of an intertrochanteric fracture of the right hip that is treated with a proximal femoral osteotomy by incision. What is the correct ICD-10-PCS root operation?
The root operation performed was division—cutting into a body part without drawing fluids or gases from the body part in order to separate or transect a body part. The intent of the operation was to separate the femur
What are required elements in an emergency care record?
Time and means of the patient's arrival, treatment rendered, and instructions at discharge
True or false: Individuals do not have the right to access to psychotherapy notes
True
True or false: Peripheral angiopathy is presumed when gangrene is present
True
Incident report
True: purposes include education of healthcare personnel to help prevent future incidents False: it is always discoverable in the litigation process
Medicare Summary Notice (MSN)
Type of remittance advice from Medicare to plan beneficiaries to explain how their benefits were determined. a summary of health care services and items you have received during the previous three months. The MSN is not a bill. The contractor that processes your claims for Medicare will send you the MSN, so it may have the name and address of a private company on it.
Case Mix group
Under the inpatient, rehab facility PPS (IRF-PPS) system, each patient is assigned a case-mix group (CMG). The CMG assignment is based on the primary condition for which the patient was admitted to the IRF or inpatient unit on the patient's functional and cognitive abilities at the time of the admission. The tier assignment is based on the presence of one or more specified secondary diagnoses, or commodities, that affect the resources needed to treat the patient. Each CMG and tier is assigned a relative weight (RW) that serves as the basis for the payment rate. The payment rate is adjusted at the facility level for teaching status, the applicable geographic wage index, and the percentage of low income patients served by the facility. Cases with extraordinarily high costs compare to the prospectively set payment may qualify for an outlier payment
What type of information makes it easy for hospitals to compare and combine the contents of multiple patient health records?
Uniform data sets - Clinical information is the basis for uniform data sets.
All ICD-10-PCS codes must be seven characters, and a character cannot be left blank. If a value does not exist for a given character, what character is used as the value?
Z
Claim rejection vs denied claim
a CLAIM REJECTION occurs prior to claim processing and is typically related to input errors or invalid data a DENIED CLAIM is processed by the payer and determined to be unpayable
remittance advice
a copy of the sales invoice returned with a customer's payment that indicates the invoices, statements, or other items being paid
Permanent
a permanent revision that affects the budget in the current fiscal year and all years going forward - ex: payroll
Flexible budget
adjusts or flexes with changes in volume or activity
A physician was sued for failure to perform services as expressly agreed; he made no mistakes in care of the patient, but did not perform a planned elective procedure. The patient took time off from work, incurred travel expenses in arranging for the agreed-upon surgery. The appropriate liability theory to apply here is:
breach of contract
Net present value
considers time value of money
Rolling budget
continually update to a new budget period as the most recent period is completed
Intentional torts
deliberate act, not negligence assault and battery: threat of/actual physical touching without consent Defamation: using false info that injures a person's reputation, in print, libel; oral, slander Invasion of privacy - deliberate use of private info without consent Medical abandonment - physician servers relationship with patient, harm results
revenue code
descriptions and dollar amounts charged for hospital services provided to a patient
DNFB
discharged no final bill - patient has been d/c - billing process is not complete (waiting for documentation to be coded)
Non intentional torts
failure to do something, mistake; injury/loss occurs reasonably prudent person standard Commonly malpractice: failure to follow standard of care; patient-provider relationship
Common reasons for claim denials include all of the following except: Billing non-covered services Lack of medical necessity Beneficiary not covered Coverage not in effect for date of service
incorrect: coverage not in effect for date of service
priviledged communication
information held confidential within a protected relationship
What is public law?
involved rights and duties between government and private parties (individuals or business) or between parts of federal, state, or local government criminal law (felonies, misdemeanors) Constitutional law Statutes and regulations intended for compliance
Favorable
less than budgeted amount
State decisis
let the decision stand, rely on precedent Lower courts bound to follow decisions of the higher courts in the same court system in order to determine the outcome of a case as long as the fact patterns of higher court case was similar of the current case
debt ratio
liability/asset; preferable debt ratio smaller than 1
private communication
one-to-one communication that involves just a few individuals about work matters
Federal anti-kickback statute
prohibits payment in exchange for referrals of federally payable services Knowingly, willingly offering to: - Pay, solicit, receive remuneration in exchange for referrals, other deals, in cash or in kind
CMI
relative value assigned to a DRG; used in determining the allocation of resources to care and/or treat the patients in the group
open communication
sharing all types of information throughout the organization and across functional and hierarchical boundaries
Medicare Code Editor (MCE)
software that edits claims to detect incorrect billing data that is being submitted.
Coinsurance
the percentage the guarantor pays
Zero-based budget
the point of a zero-based budget is to make income minus the outgo equal zero; expenses must be justified, prioritized for each new period
Delegation
the process of assigning managerial authority and responsibility to managers and employees lower in the hierarchy
charge code
used to assign cost and charge rates to types of work; cost rate for person doing the work
The plaintiff sued a hospital for negligence in failing to discover and properly treat his disease; injury resulted. The court found the nurse in this case (a hospital employee) to be negligent in failing to fully inform the attending physician of all the patient's symptoms on admission so that prompt action could be taken. The hospital was held liable under the theory of _____. The plaintiff was awarded ____ damages by the court, intended to restore him to his position before the injury occurred.
vicarious liability; actual