CHC Element 1 - Standards of Conduct
Information provided from a hotline call involves a senior manager and indicates potential research misconduct. The caller is concerned about losing her job. Which of the following should the compliance professional tell the employee: a. "retaliation is prohibited by policy" b. "confidentiality will always be maintained" c. "HIPAA regulations ensure confidentiality" d. "the ORI must be notified of this hotline call"
a. "retaliation is prohibited by policy"
What outlines documentation regulations for services provided by residents and teaching physicians? a. CMS Medicare's Final Rule b. DRG creep c. Upcoding
a. CMS Medicare's Final Rule
Which of the following is not a form of ethical behavior? a. Deception b. Loyalty c. Fairness d. Competition
a. Deception
What is a tool that should be used by health center on an annual basis to ensure its compliance activities are focused on the organization's highest risk areas? a. DRG creep b. compliance work plan c. OIG exclusion
b. compliance work plan
How many levels of appeal does Medicare Part A or Part B have? a. two b. five c. three d. four
b. five
Which of the following are provided under anti-kickback? a. Stark law b. safe harbors c. upcoding
b. safe harbors
At which level of the Medicare Part A or Part B appeals process is the appeal reconsidered by a qualified independent contractor? a. first level b. second level c. third level d. fourth level
b. second
What demonstrate the organization's ethical attitude and its enterprise wide emphasis on compliance with all applicable laws and regulations? a. mission statement b. standards of conduct c. employee handbook
b. standards of conduct
An IRB received a self-report of investigator non-compliance describing a repeated failure to ensure that all participants met inclusion criteria before receiving an investigational drug. The PI also submitted a Corrective Action Plan that stated staff will be more careful to document that inclusion and exclusion criteria are met, but IRB is unsatisfied with this plan. Which of the following is the MOST appropriate: a. suspend all the PI's clinical trials until the audits are completed b. stop enrollment in all of the PI's clinical trials until they are audited c. require the PI to undergo additional training in the GCP/ICH guidelines d. consult SOP to determine the available options before taking action
b. stop enrollment in all of the PI's clinical trials until they are audited
What can a covered entity do to avoid lengthy and expensive litigation under a CIA agreement? a. admit guilt and accept responsibility b. submit to a government plan for corrective action c. delay until the government forgets about it
b. submit to a government plan for corrective action
The practice of using a billing code that provides a higher reimbursement rate than the billing code actually reflects the service furnished. a. DRG creep b. upcoding c. civil monetary penalty
b. upcoding
What is a qui tam? a. lawsuit b. whistleblower c. enforcement d. provider
b. whistleblower
How many obstacles to effective compliance are mentioned in the book Compliance 101 4th edition? a. 20 b. 5 c. 10 d. 50
c. 10
A whistleblower could receive 25-30% of the total award if the DOJ declines the case and _____ if the DOJ assumes the case? a. 50% b. 30-45% c. 15-25%
c. 15-25%
HIPAA is also known as the Act of ________ because of the year it was developed? a. 1993 b. 1886 c. 1996
c. 1996
How many stages are in a risk assessment? a. 4 b. 10 c. 5
c. 5
Which Act has a 3 strikes and you're out clause, requiring permeant expulsion? a. HIPAA b. False Claims Act c. Balanced Budget Act
c. Balanced Budget Act
A compliance professional is reviewing the policies and procedures for exclusion verifications. The policy does not state frequency of exclusion verifications. How frequent should exclusion verifications be performed? a. Annually b. Bi-annually c. Monthly d. Semi-annually
c. monthly (as recommended by OIG to avoid risk)
What is EMTALA designed to prevent? a. triage b. emergency room failures c. patient dumping
c. patient dumping
According to HHS-OIG - Proper documentation protect patients, providers and __________? a. people b. covered entities c. programs
c. programs
A study coordinator inform a research compliance professional that a sponsor has offered a $100 incentive for every patient recruited for an IRB-approved clinical trial in recognition of the efforts. The is no institutional policy that directly addresses study recruitment incentives, and nothing in the clinical research agreement (CRA) would prohibit such payments. The research compliance professional should instruct the coordinator: a. not to accept the payment because they violate COI regulations b. not to accept the payments because they are prohibited under AKS c. to have the CRA amended to reflect actual work performed in return for any payments, and have payments made to the institution d. to submit a protocol amendment to the IRB reflecting the incentive program, and accept the payments if the IRB approves them
c. to have the CRA amended to reflect actual work performed in return for any payments, and have payments made to the institution
Which is not a suggestion for adult learners? a. acknowledge life learning b. recognize individual resourcefulness c. treat as prisoners d. teach to all types of adult learning
c. treat as prisoners
HIPAA added an additional civil monetary penalty to the OIG's sanction authorities for what type of violations? a. billing b. DRG creep c. upcoding
c. upcoding
How many coding/billing risk are there? a. 10/5 b. 17/7 c. 7/10 d. 7/17
d. 7/17
The code of conduct should address the organization's: a. Culture b. Beliefs c. Ethical position d. All of the above
d. All of the above
Which of the following violations could result in immediate termination? a. Egregious acts of misconduct b. Violence in the workplace c. Stealing/Embezzlement d. All of the answers
d. All of the answers
When developing an effective code of conduct, an organization should consider: a. Soliciting another organization's code and tweaking it to fit b. Methods for reporting issues c. Zero tolerance for fraud and abuse d. B and C
d. B and C
Which of these steps should not be taken when assisting in a code of conduct violation investigation? a. Follow the company policy to fairly discipline the involved parties. b. Document and report your findings. c. Treat every person involved with dignity and respect. d. Limit your interview to as few people as possible.
d. Limit your interview to as few people as possible.
What type of covered entity did the OIG reference as a guide in the open letter to Providers? a. hospitals b. clinical laboratories c. home health facilities
b. clinical laboratories
True or False: An excluded individual is automatically reinstated at the end of an exclusion term
FALSE - An excluded individual must apply for reinstatement at the end of their exclusion term
The OIG does not identify DRG creep as a risk area? True or False
False
True or False: In order to function at our company, you may be required to give up your personal sense of right and wrong
False
True or False: The entity's level of commitment to compliance is directly related to the resources (human and financial)
False
When a hospital official notes that most errors are occurring at the sharp end. What do they mean? a. they involve surgical tools or knives b. they occur in clusters c. they occur during the interactions between caregivers and patients d. they are more likely to occur during busy periods
C. they occur during the interactions between caregivers and patients
HIPAA makes it a crime to submit claims based on incorrect codes or medically unnecessary services. True or False
True
Policies and procedures begin with risk. True or False
True
The OIG work plan highlights the areas the government will give close attention to. True or False
True
The seven fundamental elements of an effective compliance program are? 1. implement standards of conduct 2. establish compliance oversight 3. develop effective lines of communication 4. conduct training and education 5. conduct internal monitoring and auditing 6. enforce standards through disciplinary guidelines 7, respond promptly to detected offenses and under taking corrective action. True or False
True
True or False: A company Code of Conduct acts as one of the guidelines as to how the company operates day-to-day and conducts business
True
A code of conduct must be written plainly and concisely so all employees can understand the standards. True/False
True
An organization should have a policy defining what a policy is, the process for developing a policy, the accountable management role and the steps for how and when your review and revision of policies and procedures will be accomplished. True or False
True
Compliance is about prevention, detection, collaboration and enforcement. True or False
True
Which piece of legislation established a new set of standards for corporate responsibility? a. Sarbanes Oxley act b. US Patriot act c. Foreign Corrupt Practices act d. Stark Law
a. Sarbanes Oxley act
An individual's understanding of the compliance aspects of their job can be BEST enhanced by including compliance in a. annual evaluations b. exit interviews c. HR benefit material d. audit committee meetings
a. annual evaluations
Which of the following words best describes the approach to punishment of the Federal Sentencing Guidelines? a. case specific b. draconian c. consistent d. remedial
a. case specific
"...it cannot be emphasized enough that the only thing worse than not having a policy is having a policy and not following it." This statement refers to which of the 7 Compliance Program Elements" a. code of conduct b. compliance administration (Officer/Committee) c. education d. monitoring and auditing e. reporting and investigating f. enforcement and discipline g. response and prevention
a. code of conduct
A stand alone document that everyone in the organization should be aware of? a. code of conduct b. HR manual c. department policy
a. code of conduct
Which of the following is not one of the ten obstacles to effective compliance? a. commitment and buy in from the Board and Management b. lack of resources c. resistance to change
a. commitment and buy in from the Board and Management
According to Title II of HIPAA, disclosure of protected health information related to which of the following actions requires the patient's express written authorization? a. state in which the treatment occurred b. health care options c. treatment d. payment
a. state in which the treatment occurred
OIG can impose mandatory exclusion for a minimum of..? a. 10 years b. 5 years c. 7 years
b. 5 years
Which is not a code that make up the DRGs? a. international classification of diseases b. 8th edition c. 10th edition d. clinical modifications or ICD-10-CM/PCS
b. 8th edition
Which of the following is used to assist employees in carrying out daily responsibilities within an appropriate legal standard? a. Legal transcript b. code of Conduct c. Mission Statement d. Vision Statement
b. Code of Conduct
Which agency is OSHA a part of? a. Department of Justice b. Department of Labor c. HIPAA d. Health and Human Services
b. Department of Labor
When did the OIG send an open letter to Providers encouraging them to implement a compliance program? a. January 27, 1997 b. February 27, 1997 c. February 28, 1998 d. January 28, 1998
b. February 27, 1997
How should an organization handle an employee who refuses to sign a code of conduct or complete assigned compliance training? a. Ignore them b. Follow policy c. Terminate them immediately
b. Follow policy
In general, who should the Compliance Officer report to? a. OIG b. Governing Board c. Legal Department
b. Governing Board
Which Act makes it a criminal offense to submit claims based on incorrect codes or medically unnecessary services? a. Balanced Budget Act b. HIPAA c. False Claims Act
b. HIPAA
What can be an effective support system of the desired organizational culture? a. Auditing and monitoring b. HR policies and procedures c. Management d. Security personnel
b. HR policies and procedures
A record retention policy must be based on a. AHIMA requirements b. applicable state laws c. state insurance commissioner's requirements d. applicable electronic health record constraints
b. applicable state laws
A hospital medical staff office is conducting its monthly review of the Excluded Parties List System (EPLS). The compliance officer is called by the manager of the medical staff office and informed that Dr. Smith, a surgeon who took call 5 times last month for the Emergency Department, was excluded on a date prior to those dates when the surgeon took call. In other words, the effective date of the exclusion involving the surgeon was 4/1/2019 and the surgeon took call and provided surgical services to patients in the ED on 4/13/19, 4/20/19, and 4/27/2019. What is the NEXT action the compliance officer should do? a. Contact the ED and make sure that the involved surgeon is removed from taking any more on call shifts. b. Have the medical office check if the surgeon is listed on other exclusion lists. c. Contact legal counsel to alert of the need to pay back reimbursement received for services provided by an excluded individual. d. Hold all surgical service related bills associated with the ED so that none are released to any payers which may involve this surgeon.
b. Have the medical office check if the surgeon is listed on other exclusion lists
A compliance professional has been working with a department director to implement a new policy regarding timely completion of medical records. Which of the following should be completed by the department manager to support compliance with the new policy? a. Statistically valid sampling audit b. Monitoring c. Discovery Audit d. Retrospective Audit
b. Monitoring
Which serves as a reference source of information about personnel policies and procedures? a. Nursing Handbook b. Personnel Policy Manual c. Physician Desk Reference d. Material Safety Data Sheets
b. Personnel Policy Manual
What types of gifts or favors are acceptable under the Code of Conduct? a. A $100 gift card from a vendor to influence you to form an agreement that involves buying certain products b. Receiving a coffee mug with your facility's logo on it c. Free tickets to Hawaii from a company in exchange for buying products from them d. A tip from a family to ensure their loved one receives "special care"
b. Receiving a coffee mug with your facility's logo on it
You are the new compliance officer for a hospital and see that it is currently under an OIG CIA. What would be the first course of action in your new position? a. Review the current OIG Work Plan and update the audit schedule for the hospital. b. Review the Code of Conduct and Policies and Procedures and update them as appropriate. c. Meet with the Compliance Board and discuss your vision of how compliance will be run in the future. d. Review the audit schedule and pick up where the previous compliance officer left off.
b. Review the Code of Conduct and Policies and Procedures and update them as appropriate
One of the most important foundations of your compliance program is: a. The Compliance Policy Manual b. The Organization Code of Conduct c. The non-retaliation policy d. Adequate staffing and information systems
b. The Organization Code of Conduct
Under a CIA, how often must employees attest to the code of conduct? a. monthly b. annually c. bi-annually d. weekly
b. annually
A health system implemented an EHR in 55 clinics. The privacy professional is told employees are inconsistently interpreting the policy addressing employee access to EHR. Which of the following is the privacy professional's BEST strategy? a. Collaborate with HR to ensure appropriate discipline b. Perform an audit under Attorney-Client Privilege c. Conduct surveys of clinic employees concerns d. Audit a random sampling of clinics across the organization
c. Conduct surveys of clinic employees concerns
Where are Physician service codes described? a. ICD-10-CM/PCS b. DRGs c. Current Procedural Terminology (CPT)
c. Current Procedural Terminology (CPT)
Which agency does the OIG work in conjunction with to reasonably enforce the rules and regulations under the Medicare and Medicaid laws outlined as part of the Social Security Act and administrated by the Centers for Medicare and Medicaid Services? a. HIPAA b. HHS c. DOJ
c. DOJ
What was the Defense Industry Initiative replaced by? a. non-retaliation b. DOJ c. HHS OIG for the healthcare industry
c. HHS OIG for the healthcare industry
Who in the organization should partner with the Compliance Officer to develop the non-retaliation policy? a. CEO b. Board c. Legal Counsel
c. Legal Counsel
The compliance officer has completed the non-retaliation policy and it's been officially implemented. The next steps should be: a. Investigate all reports of violations b. Post the information publicly in the internet c. Make the information available to hospital employees d. Revise it annually
c. Make the information available to hospital employees
What are the 2 types of OIG exclusions? a. submissive/permissive b. mandatory/special c. mandatory/permissive
c. Mandatory/Permissive
If a provider is on the OIG sanctions list, what do you do first? (list valuation report) a. notify the OIG b. revise the policies and procedures c. put the provider on admin leave
c. Put provider on Administrative Leave
An employee violated the non-retaliation policy, by spreading rumors about the employee who reported him. The compliance professional's first action is to: a. Create formal hearing for the violator b. Pursue legal consequence against violator before pursuing work consequences c. Recommend disciplinary actions against the violator of the non-retaliation policy d. Dismiss both employees from work
c. Recommend disciplinary actions against the violator of the non-retaliation policy
You are the new Compliance Officer, hired after ABC Hospital reorganized and decided that the General Counsel should no longer also serve in that role. Upon review of the Code of Conduct (COC), you find that it is written using lots of legal jargon. What action do you take: a. Keep COC as it is. b. Pull a sample off the internet and insert hospital name to save time as it was most likely written by experts. c. Rewrite the COC in plain and concise language tailored to the hospital so employees can use a general guidance. d. Rewrite the COC with detailed restating hospital's P&Ps, and all laws and regulations possible so that employees can't say they were not aware of requirements.
c. Rewrite the COC in plain and concise language tailored to the hospital so employees can use a general guidance.
Which statute prohibits any knowing and willful conduct involving the solicitation, receipt, offer or payment of any kind of remuneration in return for referring an individual or for recommending or arranging the purchase, lease or ordering of an item or service that may be wholly or partially paid for under a federal health care program? a. safe harbors b. stark law c. anti-kick back
c. anti-kick back
The majority of fraud and abuse violations relate to irregularities in____________? a. treatment b. diagnosis c. billing d. scheduling
c. billing
What is the purpose of the code of conduct? a. represent the culture of the organization b. provide a process for proper decision making c. both a & b d. none of the above
c. both a & b
Fill in the blanks: The OIG CPG states: Standards of _______ should articulate hospital's commitment to comply with Federal and state standards..... they should state the organization's mission, goals, and ethical requirements of compliance and reflect a carefully crafted, clear expression of expectations for all hospital governing body members, officers, managers, employees, physicians, and, where appropriate, _______ and other agents. a. guidelines/contractors b. conduct/strangers c. conduct/contractors d. none of the above
c. conduct/contractors
An initiative designed to help eliminate waste and regulate prices? a. OIG workplan b. DOJ c. defense industry initiative
c. defense industry initiative
The secretary of which federal agency oversees the Food and Drug Administration? a. occupational safety and health administration b. general services administration c. department of health and human services d. centers for Medicare and Medicaid services
c. department of health and human services
When developing a non-retaliation policy, what should the Compliance Officer include? a. steps for a risk assessment b. billing and coding errors c. details emphasizing the option to remain anonymous
c. details emphasizing the option to remain anonymous
An employee refuse to attest in writing that they have read, received and understand the code of conduct standards, what should the Compliance Officer do? a. terminate the employee b. with hold their pay c. follow the policies and procedures of the organization
c. follow the policies and procedures of the organization
Which is the correct order for the components of risk? a. mitigate, evaluate, identify, prioritize b. prioritize, evaluate, mitigate, identify c. identify, evaluate, prioritize, mitigate
c. identify, evaluate, prioritize, mitigate
What are the five stages of a risk assessment? a. identify, prioritize, work plan, action, review b. identify, publicize, work plan, action, report c. identify, prioritize, work plan, action, report
c. identify, prioritize, work plan, action, report
Which of the following groups is least likely to report errors? a. primary care physicians b. support staff c. independent contractors d. nurses
c. independent contractors
Under the US Federal Sentencing Guidelines, there is an expectation that effective compliance programs include due diligence in discretionary authority and hiring. Which of the following is MOST important process to include? a. Periodic background checks b. Drug Testing c. Monthly exclusion verifications through OIG database d. Monthly exclusion verifications through SAMS GSA Exclusion database
d. Monthly exclusion verifications through SAMS GSA Exclusion database.
Code of conduct supersedes which of the following: a. Department's policy and procedure b. State Law and Regulation c. Federal Laws and Regulation d. None of the answers
d. None of the answers
According to Federal Sentencing Guidelines, which of the following factors could increase the punishment of an organization? a. obstruction of justice b. violation of a direct order c. prior history of violations d. all of the above
d. all of the above
Code of Conduct Purpose: a. elevate corporate performance in basic business relationships b. confirms that the organization upholds and supports proper compliance conduct c. To provide a process for proper decision making d. all of the above
d. all of the above
OIG suggests which check (s) be performed for new hires under the new hire guidelines. a. background b. reference c. exclusion d. all of the above
d. all of the above
Which of the following should be considered when evaluating a potential COI? a. compensation rates b. organizational status c. length of employment d. business relationships
d. business relationships
Which audit is most likely to be considered a real time audit? a. baseline b. contemporaneous c. probe d. concurrent
d. concurrent
Research suggests that the largest proportion of adverse events attributable to negligence occur in the _______? a. post trauma unit b. surgery unit c. maternity ward d. emergency room
d. emergency room
Which is not a consideration when developing a code of conduct? a. content check list b. employees c. purpose d. patients
d. patients
Compliance related policies and procedures should exist in many areas including __________. a. auditing and monitoring b. record retention c. stark/anti-kickback d. none of the above e. all of the above
e. all of the above
Which of the below are considered aggravating factors to a culpability score? a. willfully ignorant b. repeat offense c. obstruction of justice d. awareness of and tolerance of the violation were pervasive e. all of the above
e. all of the above
Which of the below are considered mitigating factors to a culpability score? a. effective compliance program b. violation reported promptly c. cooperation with government d. responsibility accepted e. all of the above
e. all of the above
For Enforcement and Disciplinary Actions, Policies should include: a. non-compliant consequences b. employees duty to report non-compliance c. outline of disciplinary actions or procedures d. promise that discipline will be fair and inconsistent e. all of the above f. a, b, c
f. a, b, c a. non-compliant consequences b. employees duty to report non-compliance c. outline of disciplinary actions or procedures
