HIT 102 chapter 2 assignment
Which of the following statements define authorization?
A document signed by a patient to permit release of medical information
Select all that apply Who has the authority to authorize the release of a patient's medical information to anyone not directly involved in their care? (Select all that apply.)
A legally appointed representative The patient
A code of conduct for the members of a practice would cover which of the following? (Select all that apply.)
A policy to encourage employees to report compliance concerns to the compliance officer Procedures for ensuring compliance with laws relating to referrals Provisions for discussing compliance during performance reviews
The health system reform legislation that offers improved insurance coverage and other benefits is abbreviated as _____.
ACA
What must patients sign for use and disclosure of PHI for any reason other than TPO?
An authorization
Match the statutes or acts to their descriptions.
Antikickback statute---Makes it illegal to knowingly offer incentives referring patients for services that are paid by government healthcare programs Self-referral prohibition---Makes it illegal for physicians or their immediate family members to have financial relationships with clinics to which they refer their patients Sarbanes-Oxley Act of 2002---Requires publicly traded corporations to attest that their financial management is sound, which applies to for-profit healthcare companies
According to the OIG, voluntary compliance plans should contain which of the following? (Select all that apply.)
Appointment of a compliance officer Training Consistent written policies and procedures Appointment of a compliance committee
Which of the following tasks are outlined in compliance plans?
Audit and monitor compliance with government regulations
The main federal government agency responsible for healthcare is the _____.
Centers for Medicare and Medicaid Services
are companies that help providers handle electronic transactions.
Clearinghouses
Which of the following is included in the OIG compliance plan?
Communication
Which of the following applies to the role of the Department of Justice with regards to HIPAA?
Criminal violations of HIPAA privacy standards are prosecuted by the DOJ.
Which federal government department prosecutes criminal violations of HIPAA privacy standards?
Department of Justice
What information must be included on an authorization to release information? (Select all that apply.)
Description of the information to be disclosed Name of the person authorized to disclose the information Expiration date Name of the people to whom the disclosure is being made Purpose of the disclosure
Which of the following is an example of healthcare fraud?
Double billing a procedure that was performed once
Match the acronyms to their descriptions.
EMR--- Computerized records of one physician's encounters with a patient over the time; they are the physician's legal record of patient care. PHR---Private, secure electronic files that are created, maintained, and controlled by patients EHR---Computerized lifelong healthcare records
________are computerized records of one physician's encounters with a patient over time that are the physician's legal record of patient care.
EMRs, EMR, or Electronic medical records
__ is a method of converting a message into encoded text.
Encryption
Select all that apply Which of the following are examples of activities performed by CMS to ensure the quality of healthcare?
Evaluating the quality of healthcare services and facilities Researching the effectiveness of healthcare management Regulating lab testing Preventing discrimination based on health status
Which of the following examples constitute claims fraud?
Falsely reporting charges to payers Overcharging for services Failure to provide complete services under a contract Billing for services not performed
Which of the following is the agency that governs emergency guidance for release of information?
HHS
A covered entity is an organization that electronically transmits any information that is protected under _____.
HIPAA
Under ______ , a code set is any group of codes used for encoding data elements.
HIPAA
The law regulating the use and disclosure of patients' protected health information is called the _____.
HIPAA Privacy Rule
The _____ is a law that requires covered entities to establish safeguards to protect health information.
HIPAA Security Rule
The law promoting the adoption and use of health information technology is abbreviated as _____.
HITECH
Which of the following are covered entities that must follow HIPAA rules? (Select all that apply.)
Healthcare providers Health plans Clearinghouses
What is the purpose of healthcare fraud and abuse laws?
Help to control cheating in the healthcare system
Which of the following are true of the HITECH Act? (Select all that apply.)
It guides the use of federal stimulus money. It promotes the adoption of meaningful use of health information technology. It addresses privacy and security concerns associated with the electronic transmission of health information.
Which of the following are true of the federal False Claims Act? (Select all that apply.)
It protects relators against employer retaliation. It prohibits making fraudulent claims. It encourages reporting suspected fraud and abuse.
What must a covered entity do when a breach of unsecured PHI is discovered?
Notify the individuals whose information has been suspected of being disclosed
is the abbreviation for the government agency that prosecutes and investigates healthcare fraud?
OIG
The government agency that prosecutes and investigates healthcare fraud is the _____.
Office of the Inspector General
The _____ Rule contains regulations that enhance patient's privacy protections, and improved rights for patients top their health information.
Omnibus
Individually identifiable health information transmitted or maintained by electronic media is called _____.
PHI
What does the HIPAA Security Rule establish safeguards to protect?
PHI
Select all that apply Which of the following is documented in the patient's chart?
Patient's name Encounter date Diagnosis Plan of care
The HIPAA Standards for Privacy of Individually Identifiable Health Information Rule is also know as HIPAA _______ Rule
Privacy
Which of the following are parts of the Omnibus Rule? (Select all that apply.)
Prohibiting health plans from disclosing genetic information for determining insurance coverage Increasing civil monetary penalties for violations Restating the standards for reporting breaches Strengthening previous HIPAA/HITECH rules
Which of the following is a term used to describe whistle-blower cases?
Qui tam
Which of the following are examples of fraudulent or abusive billing acts? (Select all that apply.)
Reporting services at a higher level than were carried out Performing procedures that are not medically necessary Intentionally billing for services that were not performed or documented
After discovery of a breach of unsecured PHI, how long does a covered entity have to notify the individual(s) who would be affected?
Sixty days
Which of the following is a part of a patient's PHI?
Social security number Address Name
rules make it illegal for physicians to have financial relationships with clinics for the purpose of self referrals.
Stark
Select all that apply Which of the following are true of state regulations in healthcare?
States can restrict price increases on premiums. State laws ensure the solvency of insurance companies and managed care organizations. State commissioners of insurance investigate consumer complaints.
HIPAA Electronic Health Care Transactions and Code Sets is abbreviated as
TCS
Which of the following are rules governing the electronic exchange of health information?
TCS
Which of the following are among the five provisions (titles) of HIPAA?
Tax-Related Health Provisions Revenue Offsets Healthcare Access, Portability and Renewability Preventing Healthcare Fraud and Abuse Application and Enforcement of Group Health Plan Requirements
The revenue cycle explains how using EHRs is integrated with practice management programs as what process is performed?
Ten-step billing process
Who has the authority to authorize the release of a patient's medical information to anyone not directly involved in their care? (Select all that apply.)
The patient A legally appointed representative
Who has ownership of the actual progress notes, reports, and other clinical materials in a medical record?
The provider who created them
Select all that apply Which of the following describe the purposes of medical records? (Select all that apply.)
They help make accurate diagnoses. They trace the course of patients' care.
Match the HIPAA provisions (titles) to their descriptions.
Title I---Healthcare Access, Portability and Renewability Title II---Preventing Healthcare Fraud and Abuse; Administrative Simplification Title III---Tax-Related Health Provisions Title IV---Application and Enforcement of Group Health Plan Requirements Title V---Revenue Offsets
In which circumstances might CEs disclose PHI without the patient's consent?
To grant public health authorities access to PHI necessary to carry out their public health mission To prevent or lessen a serious threat to the health and safety of the public To treat the patient or another patient
Which of the following guidelines are helpful in conducting physician training classes? (Select all that apply.)
Use examples and facts. Explain the purpose of compliance. Develop a procedure for sharing information between trainings. Keep the presentations brief. Be straightforward in presentations.
How are the HIPAA transactions standards labeled?
With a number and a name
Select the HIPAA transaction number for referral certification and authorization.
X12 278
A network that shares responsibility for managing the quality and cost of care provided to a group of patients is called a(n) _____.
accountable care organization
The purpose of _______ logs is to record who has accessed or tried to access information.
activity
The purpose of ________ logs is to record who has accessed or tried to access information.
activity
When states ensure the solvency of insurance companies, it means the companies will _____.
be able to pay the enrollees' claims
An impermissible use or disclosure of PHI that could pose a risk to the affected person is called a(n) _____.
breach
It is considered _____ when an EHR system can provide access to the latest medical research on approved medical websites to assist with medical decision making.
clinical decision support
An alphabetic and/or numeric representation of data is called a(n) _____.
code set
A(n) ______ plan is a medical practice's written plan for complying with regulations.
compliance
To maintain _____, physicians should be regularly trained and updated in coding and regulatory matters.
compliance
The practice's code of ______. covers compliance in referral arrangements, and employee performance compliance.
conduct
An intentional deceptive act to obtain a benefit is called
fraud
In the United States, an estimated $50 billion are lost annually in healthcare as a result of ____.
fraud
A person's Social Security number is an example of a(n)
identifier
A(n) _____ is a file containing the documentation of a patient's medical history and related information.
medical record
State-specified performance measures for the delivery of healthcare are called _____.
medical standards of care
The revenue cycle merges the patient's ____________. documentation and financial/billing information in the chart.
medical, clinical, or health
Role-based access into computer records means that _____.
only those who need the information can see it
An example of confidential authentication information used to access EHR/PMP is a(n) _____.
password
Encounters take place between _____.
patients and healthcare providers
management programs encrypt data between the office and the Internet.
practice
A person who makes an accusation of fraud or abuse is called a(n) _____.
relator
The cycle that explains how using EHRs is integrated with practice management programs is called the _____ cycle.
revenue
The Employer Identification Number is also called the _____.
tax identification number
A requirement of any compliance plan includes ongoing _______
training
An electronic exchange of healthcare information is called a(n) _____.
transaction
Covered entities are those that _____.
transmit any health information in electronic form
Unprotected health information that is not secured through the use of technologies or methods that HHS has specified is called _____ PHI.
unsecured
