Ch 2 Med Ins and Billing
subpoena or subpena
A(n)__________ is an order of the court directing a party to appear and testify.
Psychotherapy
According to the Department of Health and Human Services (HHS), which notes have special protection under HIPAA?
Consistent written policies and procedures Training Appointment of a compliance committee Appointment of a compliance officer
According to the OIG, voluntary compliance plans should contain which of the following? (Select all that apply.)
Sixty days
After discovery of a breach of unsecured PHI, how long does a covered entity have to notify the individual(s) who would be affected?
HIPAA
Fill in the blanks to complete the sentence. Under ___________, a code set is any group of codes used for encoding data elements.
They contain sensitive information.
For which of the following reasons are psychotherapy notes treated differently under HIPAA?
820
Health plan premium payments is the HIPAA transaction name for number X12
With a number and a name
How are the HIPAA transactions standards labeled?
personal
Private, secure electronic files that are created, maintained, and controlled by patients are called _____ health records.
fraud
Reporting services at a higher level than performed is an example of
only those who need the information can see it
Role-based access into computer records means that _____.
HIPAA Electronic Health Care Transaction and Code Sets
Rules governing the electronic exchange of health information are called ____.
X12 278
Select the HIPAA transaction number for referral certification and authorization.
medical standards of care
State-specified performance measures for the delivery of healthcare are called _____.
tax identification number
The Employer Identification Number is also called the _____.
HIPAA
The protection of patients' private health information is covered under which law?
Ten-step billing process
The revenue cycle explains how using EHRs is integrated with practice management programs as what process is performed?
medical, clinical, or health
The revenue cycle merges the patient's ____________documentation and financial/billing information in the chart.
de-identified health
There are no restrictions on the use or disclosure of _____ information.
compliance officer
To ensure that a compliance plan is established and followed, most practices will appoint a _____ to be in charge of ongoing work.
compliance
To maintain _____, physicians should be regularly trained and updated in coding and regulatory matters.
Office of the Inspector General
The government agency that prosecutes and investigates healthcare fraud is the _____.
Health Care Fraud and Abuse Control Program
The government program to uncover misuse of funds in federal healthcare programs is called the _____.
ACA
The health system reform legislation that offers improved insurance coverage and other benefits is abbreviated as _____.
HITECH
The law promoting the adoption and use of health information technology is abbreviated as _____.
Health Information Technology for Economic and Clinical Health Act
The law promoting the adoption and use of health information technology is called the _____.
HIPAA Privacy Rule
The law regulating the use and disclosure of patients' protected health information is called the _____.
Centers for Medicare and Medicaid Services
The main federal government agency responsible for healthcare is the _____.
Oversees compliance programs
What does a compliance committee do?
PHI
What does the HIPAA Security Rule establish safeguards to protect?
Expiration date Name of the person authorized to disclose the information Purpose of the disclosure Name of the people to whom the disclosure is being made Description of the information to be disclosed
What information must be included on an authorization to release information? (Select all that apply.)
HPI PMH ROS H&P
Which of the following regarding medical history are documented in the patient's chart?
Medical records show medical necessity. Thorough medical records are a defense against accusations of malpractice or wrongdoing. Patient medical records are legal documents.
Which of the following statements are true regarding medical records? (Select all that apply.)
A document signed by a patient to permit release of medical information
Which of the following statements define authorization?
It is an intentional deceptive act to take advantage of another person.
Which of the following statements describes fraud?
Review coding compliance Review billing compliance Check out patients
Which of the following steps of the revenue cycle fall under coding and charge capture documentation? (Select all that apply.)
The patient
Who controls the amount and type of information that is released to an entity not directly involved in the patient's care?
The provider who created them
Who has ownership of the actual progress notes, reports, and other clinical materials in a medical record?
They can be dangerous and harm others.
Why must communicable diseases be reported?
PHI or Protected health information
is defined as individually identifiable health information that is transmitted or maintained by electronic sources other than a paper chart.
PHI
is defined as protected health information.
OIG
is the abbreviation for the government agency that prosecutes and investigates healthcare fraud?
practice
management programs encrypt data between the office and the Internet.
Psychotherapy
notes are treated differently because they contain particularly sensitive information.
FERA
stands for the Fraud Enforcement and Recovery Act of 2009.
compliance
A(n) _______ plan is a medical practice's written plan for complying with regulations.
HIPAA
A covered entity is an organization that electronically transmits any information that is protected under _____.
medical record
A(n) _____ is a file containing the documentation of a patient's medical history and related information.
encounter
A(n) _____ is a meeting between a patient and a medical professional.
covered entity
A health plan, clearinghouse, or provider who transmits any health information in electronic form is called a(n) _____.
accountable care organization
A network that shares responsibility for managing the quality and cost of care provided to a group of patients is called a(n) _____.
meeting or interaction
A patient encounter is also called the ________ with the provider.
relator
A person who makes an accusation of fraud or abuse is called a(n) _____.
identifier
A person's Social Security number is an example of a(n)
training
A requirement of any compliance plan includes on going
Omnibus
A set of regulations enhancing patients' privacy protections and rights to information is called the _____.
electronic data interchange
A system-to-system exchange of data in a standardized format is called a(n) _____.
Doctors Hospitals
An ACO is a network of which type of healthcare professionals?
ACO
An ________ is responsible for managing the quality and cost of care provided to a group of patients.
abuse
An action that improperly uses another's resources is called _____.
code set
An alphabetic and/or numeric representation of data is called a(n) _____.
transaction
An electronic exchange of healthcare information is called a(n) _____.
password
An example of confidential authentication information used to access EHR/PMP is a(n) _____.
breach
An impermissible use or disclosure of PHI that could pose a risk to the affected person is called a(n) _____.
fraud
An intentional deceptive act to obtain a benefit is called
medical necessity
Being able to prove that a procedure is related to the patient's condition is called _____.
transmit any health information in electronic form
Covered entities are those that _____.
patients and healthcare providers
Encounters take place between _____.
TCS
HIPAA Electronic Health Care Transactions and Code Sets is abbreviated as
name
In order to use the patients medical data for research the patient's _________ may not be identified.
fraud
In the United States, an estimated $50 billion are lost annually in healthcare as a result of ____.
To prevent or lessen a serious threat to the health and safety of the public To grant public health authorities access to PHI necessary to carry out their public health mission To treat the patient or another patient
In which circumstances might CEs disclose PHI without the patient's consent? (Select all that apply.)
When making premium payments to plans on behalf of employees When enrolling employees in a health plan When disenrolling employees from a health plan
In which of the following circumstances would it be appropriate to use an EIN? (Select all that apply.)
CMS policy
Many payers use _____ as the model for the healthcare industry.
it was needed to lessen a serious and imminent threat to the health of the public
New emergency guidance from HHS stating that CEs may disclose PHI without the patient's consent was applicable to a recent outbreak of Ebola virus because ______.
Safeguard patient records Appoint a privacy official for the practice Notify patients of privacy rights Train employees in regard to privacy practices Have a set of appropriate privacy practices
The HIPAA Privacy Rule mandates that covered entities must do which of the following? (Select all that apply.)
Providers Health plans Employers
The HIPAA transactions standards apply to the electronic data that is regularly sent back and forth between which entities? (Select all that apply.)
seven
The OIG compliance plan has _______ elements
Civil
The Office for _____ Rights enforces the HIPAA Privacy Act.
HIPAA Security Rule
The _____ is a law that requires covered entities to establish safeguards to protect health information.
Omnibus
The _______ Rule contains regulations that enhance patient's privacy protections, and improved rights for patients top their health information.
revenue
The cycle that explains how using EHRs is integrated with practice management programs is called the _____ cycle.
To provide security of patient information
What is the main purpose of encrypting data?
Help to control cheating in the healthcare system
What is the purpose of healthcare fraud and abuse laws?
Statutory reports
What kind of reports must physicians make for patients' births, deaths, and cases of abuse?
An antikickback statute
What makes it illegal to knowingly offer incentives to induce referrals for services paid by government healthcare programs?
Notify the individuals whose information has been suspected of being disclosed
What must a covered entity do when a breach of unsecured PHI is discovered?
Patient identifiers must be removed.
What must be done when using patient information for the purpose of research?
An authorization
What must patients sign for use and disclosure of PHI for any reason other than TPO?
review of systems
When a provider asks questions about the function of each body system, it is considered a _____.
Department of Justice
Which federal government department prosecutes criminal violations of HIPAA privacy standards?
Criminal violations of HIPAA privacy standards are prosecuted by the DOJ.
Which of the following applies to the role of the Department of Justice with regards to HIPAA?
Preventing discrimination based on health status Researching the effectiveness of healthcare management Regulating lab testing Evaluating the quality of healthcare services and facilities
Which of the following are examples of activities performed by CMS to ensure the quality of healthcare?
Medical procedure codes Medical concepts Medical diagnosis codes Tables of terms
Which of the following are examples of how code sets can be used? (Select all that apply.)
Medical record number Names Insurance plan
Which of the following are examples of patient's information that is taken out during the de-identified process?
Increasing civil monetary penalties for violations Prohibiting health plans from disclosing genetic information for determining insurance coverage Strengthening previous HIPAA/HITECH rules Restating the standards for reporting breaches
Which of the following are parts of the Omnibus Rule? (Select all that apply.)
TCS
Which of the following are rules governing the electronic exchange of health information?
Security Rule Privacy Rule Electronic Transaction and Code Set
Which of the following are the three parts of the Administrative Simplification?
It may be made available to researchers approved by the practice. Specific patient names may not be identified on reports or studies.
Which of the following are true about PHI that is made available for research data? (Select all that apply.)
A subpoena duces tecum requires a party to appear, testify, and bring specified documents or items. If required as evidence, PHI may be released without the patient's approval. To release PHI to a court without the patient's approval, a judicial order must be received. Subpoenas can be issued by the court directing a party to appear and testify.
Which of the following are true of PHI releases under court orders? (Select all that apply.)
State commissioners of insurance investigate consumer complaints. States can restrict price increases on premiums. State laws ensure the solvency of insurance companies and MCOs.
Which of the following are true of state regulations in healthcare?
It enforces HIPAA privacy standards. It can issue subpoenas for evidence. It takes action on behalf of individuals who have had PHI disclosed inappropriately. It is an agency of HHS. It has the authority to investigate complaints.
Which of the following are true of the OCR? (Select all that apply.)
Uncover compliance problems
Which of the following describe the purpose of compliance plans?
Social security number Name Address
Which of the following is a part of a patient's PHI?
Qui tam
Which of the following is a term used to describe whistle-blower cases?
Patient's name Encounter date Plan of care Diagnosis
Which of the following is documented in the patient's chart?
De-identified
_____ health information is medical data from which individual identifiers have been removed.
Clearinghouses
_________ are companies that help providers handle electronic transactions.
States
__________ regulate the operations and compliance of health insurance companies.