RHIT Final Practice

Which of the following is the best definition of a security vulnerability? a. Something that can exploit a security weakness b. Lack of consistency in data c. A weakness or gap in security protection d. Exposure to danger

A weakness or gap in security protection A security threat is anything that can exploit a security vulnerability. Vulnerability is a weakness or gap in security protection (Johns 2015, 219).

The HIM director is performing a staffing analysis to determine the number of employees needed to prep, scan, index, and carry out quality control on scanned medical records. Given a turnaround time of 24 hours, an average number of 48,000 images to be captured, and the benchmarks listed here, what is the least number of employees the department needs if each employee is working an 8 hour shift? FUNCTION - EXPECTATION PER WORK HR Prepping - 340-500 imgs Scanning - 1200-2400 imgs Qual. Control - 1600-2000 imgs Indexing - 600-800 imgs a. 96 employees b. 37 employees c. 36 employees d. 25 employees

25 employees Workflow is the process, progress, or flow of the work within a system. The system generally begins with the input, the process to complete the task (such as staff and tools) and ends with the desired output. Also included in the process is the rate at which it happens. Understanding the workflow within a department is crucial for the supervisor in managing the departmental resources. To understand and control the workflow, the supervisor can perform a workflow analysis and then design the process to be more effective and efficient. Divide 48,000 by each standard work per hour. Add hours and divide by 8 (Gordon and Gordon 2016b, 543). Math: Prep 48,000/500 = 96 Scan 48,000/2,400 = 20 Quality Control 48,000/2,000 = 24 Indexing 48,000/800 = 60 96 + 20 + 24 + 60 = 200 200/8 = 25

Community Hospital had 100 patients in the hospital at midnight on May 1. The hospital admitted 30 patients on May 2. The hospital discharged 40 patients, including deaths, on May 2. Two patients were both admitted and discharged on May 2. What was the daily inpatient census at midnight on May 2? a. 90 b. 92 c. 130 d. 132

90 The result of the official count taken at midnight is the daily inpatient census. This is the number of inpatients present at the official census-taking time each day ([100 + 30] - 40) = 90 (Horton 2016b, 386).

If an HIM department receives gifts from vendors in exchange for purchasing specific encoder software, this is considered: a. Abuse b. Negligence c. Malpractice d. A kickback

A kickback The Federal Anti-Kickback Statute establishes criminal penalties for individuals and entities that knowingly and willfully offer, pay, solicit, or receive remuneration in order to induce business for which payment may be made under any federal healthcare program. Remuneration covered by the Anti-Kickback Statute includes, but is not limited to, kickbacks, bribes, and rebates (Foltz et al. 2016, 449).

Which of the following would be considered abuse in terms of healthcare reimbursement? a. Billing for services not provided to the patient b. A pattern of coding errors c. Misrepresentation of procedures performed to obtain payment for non-covered services d. Falsifying a patient's diagnosis to justify tests

A pattern of coding errors A single coding error is not abuse; a pattern of the same error makes it abuse (Foltz et al. 2016, 448).

Which of the following would be considered abuse in terms of healthcare reimbursement? a. Billing for services not provided to the patient b. A pattern of coding errors c. Misrepresentation of procedures performed to obtain payment for non-covered services d. Falsifying a patient's diagnosis to justify tests

A pattern of coding errors A single coding error is not abuse; a pattern of the same error makes it abuse (Foltz et al. 2016, 448).

Which of the following would be considered abuse in terms of healthcare reimbursement? a. Billing for services not provided to the patient b. A pattern of coding errors c. Misrepresentation of procedures performed to obtain payment for non-covered services d. Falsifying a patient's diagnosis to justify tests

A pattern of coding errors A single coding error is not abuse; a pattern of the same error makes it abuse (Foltz et al. 2016, 448).

In the following figure there is: a. A positive relationship between the variables b. No correlation between the variables c. A negative relationship between the variables d. A weak negative correlation between the variables

A positive relationship between the variables Scatter diagrams are used to plot the points for two continuous variables that may be related to each other in some way. Whenever a scatter diagram indicates that the points are moving together in one direction or another, conclusions about the variables' relationship, either positive or negative, become evident. In this case a positive relationship between the variables can be seen as the points gather together at the top of the diagram (Watzlaf 2016, 353).

Safeguards established to support the data being available when and where is it needed under the data quality model is called: a. Approachability b. Relevancy c. Timeliness d. Accessibility

Accessibility

Healthcare facilities must have processes in place to maintain and correct the master patient index (MPI) against the quality issues of duplicates, overlays, and overlaps on a continuous basis. Which of the following is used to match patients so that patient information can be merged? a. Outguide b. Algorithm c. Audit trail d. Encoder

Algorithm An algorithm is used in a healthcare facility to match patients so that patient information can be merged. This process helps to maintain an accurate MPI and avoid duplicates, overlays, and overlaps (Sayles 2016b, 58).

Healthcare facilities must have processes in place to maintain and correct the master patient index (MPI) against the quality issues of duplicates, overlays, and overlaps on a continuous basis. Which of the following is used to match patients so that patient information can be merged? a. Outguide b. Algorithm c. Audit trail d. Encoder

Algorithm An algorithm is used in a healthcare facility to match patients so that patient information can be merged. This process helps to maintain an accurate MPI and avoid duplicates, overlays, and overlaps (Sayles 2016b, 58).

Patient history questionnaires, problem lists, diagnostic test results, and immunization records are commonly found in which type of health record? a. Rehabilitative care record b. Emergency department record c. Long-term care record d. Ambulatory record

Ambulatory record The ambulatory record is very similar to an inpatient hospital-based health record. Some of the items included in the ambulatory record are: patient history questionnaires, problem lists, diagnostic test results, and immunization records (Brickner 2016, 101).

Procedures should be complete enough so that: a. There is never a need to improve the process b. Anyone generally competent can perform the task c. There is no need to train a new employee d. Policies are never needed

Anyone generally competent can perform the task A procedure is a guide to action and describes how work is done and how policies are carried out. Procedures are instructions that ensure high-quality, consistent outcomes for tasks, especially when more than one person is involved. Anyone generally competent to perform a task should be able to complete it after reading a well-written procedure (Gordon and Gordon 2016b, 538).

The National Correct Coding Initiative consists of: a. Rules for HCPCS and ICD coding for outpatient services b. Automated edits to evaluate Medicare outpatient claim submissions for certain code combinations for services for the same beneficiary on the same date of service c. Manual edits to evaluate Medicare and Medicaid outpatient claim submissions for more than one service for the same beneficiary on the same date of service d. Rules for CPT and ICD coding for outpatient services

Automated edits to evaluate Medicare outpatient claim submissions for certain code combinations for services for the same beneficiary on the same date of service The NCCI edits explain what procedures and services cannot be billed together on the same day of service for a patient. Most providers have built this into their claims software (Casto 2018, 256).

William is the director of HIM at a large acute-care facility. He is concerned because the coders in his department never seem to be able to keep up with the number of discharges. The chief financial officer (CFO) is questioning the cost of hiring consultants to cover the backlog, because William is in danger of exceeding his consulting budget very soon. William is not sure whether he needs to hire another coder or work more closely with his existing coders to increase productivity. Which of the following activities will be most helpful for William to understand whether his coders are appropriately productive? a. Brainstorming b. Needs assessment c. Benchmarking d. Quality improvement

Benchmarking The goal of benchmarking is to improve performance by measuring and comparing a selected work process, identifying best practices, and perhaps conducting interviews with the benchmark organization or organizations. Opportunities for process improvement can be identified where best practice has been applied in other organizations. A benchmark organization is usually an organization of similar size and other characteristics. Before embarking on a benchmarking project, coding managers should determine the criteria or indicators for the benchmark comparison (Shaw and Carter 2019, 42).

When a physician is appointed to the medical staff of a healthcare organization, their scope of practice is determined by: a. Position on the staff b. Clinical knowledge c. Credential d. Clinical privileges

Clinical privileges The medical staff is generally referred to as independent practitioners. They include individuals permitted by law and the organization to provide patient care services without direction or supervision, within the scope of their license and individually granted clinical privileges (Shaw and Carter 2019, 275).

The staff member who is responsible for evaluating and monitoring education action plans for individual coders within a coding department is the: a. Compliance officer b. Data quality specialist c. Coding manager d. Attending physician

Coding manager Coding managers play an important role in the data quality review and educational process for coders. They are responsible for developing action plans for individual coders (Schraffenberger and Kuehn 2011, 313).

When a healthcare organization evaluates their quality measures and patient satisfaction scores with a similar organization, they are using: a. Comparative performance data b. Data repository c. Information warehouse d. PI database

Comparative performance data To determine if there is a need to collect more data or implement improvement processes, the data need to be compared to a benchmark, which is a standard of performance or best practice (Shaw and Carter 2019, 356).

The HIM operations supervisor has instituted a performance improvement program that includes the use of benchmarks. Benchmarks have been established for productivity and the program was instituted two weeks ago. What should the supervisor do to determine if the benchmark is being met? a. Ask employees for their feedback on the benchmarks b. Compare individual employees' productivity to the benchmark c. Measure the number of employees calling in sick since the benchmark was set d. Compare the HIM department's productivity data against the benchmark

Compare the HIM department's productivity data against the benchmark The evaluation data must be the same measurement as the benchmark data, which is by total lines per hour of production. The goal of benchmarking is to improve performance by measuring and comparing a selected work process, identifying best practices, and perhaps conducting interviews with the benchmark organization or organizations (Schraffenberger and Kuehn 2011, 273).

The HIM director has been asked to monitor the hospital's "Do Not Use" abbreviation policy for health record documentation. Which of the following monitoring actions would best ensure that a medication error would be caught before an adverse incident occurs? a. Instituting an educational program on the hospital's policy b. Placement of policy notices at each nursing station c. Concurrent monitoring by pharmacy staff for medication orders d. Retrospective assessment of all medication orders from the past month

Concurrent monitoring by pharmacy staff for medication orders Option "c" is the only option that will identify potential problems or errors before an adverse event occurs. The organization must be very clear about which abbreviations are not acceptable to use when writing or communicating medication orders (Shaw and Carter 2019, 222-223).

The HIM director has been asked to monitor the hospital's "Do Not Use" abbreviation policy for health record documentation. Which of the following monitoring actions would best ensure that a medication error would be caught before an adverse incident occurs? a. Instituting an educational program on the hospital's policy b. Placement of policy notices at each nursing station c. Concurrent monitoring by pharmacy staff for medication orders d. Retrospective assessment of all medication orders from the past month

Concurrent monitoring by pharmacy staff for medication orders Option "c" is the only option that will identify potential problems or errors before an adverse event occurs. The organization must be very clear about which abbreviations are not acceptable to use when writing or communicating medication orders (Shaw and Carter 2019, 222-223).

A quantitative review of the health record for missing reports and signatures that occurs when the patient is in the hospital is referred to as a: a. Prospective review b. Concurrent review c. Peer review d. Retrospective review

Concurrent review The quantitative analysis or record content review process can be handled in a number of ways. Some acute-care facilities conduct record review on a continuing basis during a patient's hospital stay. Using this method, personnel from the HIM department go to the nursing unit daily (or periodically) to review each patient's record. This type of process is usually referred to as a concurrent review because review occurs concurrently with the patient's stay in the hospital (Sayles 2016b, 64).

Which of the following is a documentation issue? a. Case mix index b. Key indicator c. Copy and paste functionality d. Query

Copy and paste functionality The copy and paste functionality in the electronic health record can result in incorrect information being copied into the health record (Sayles 2016b, 69).

This concept includes the process of data governance, patient identification, authorization validation, amendments and record corrections, and audit validation. a. Data accuracy b. Data completeness c. Data reliability d. Data integrity

Data integrity Data integrity is the assurance that the data entered into an electronic system or maintained on paper are only accessed and amended by individuals with the authority to do so. Data integrity includes data governance, patient identification, authorship validation, amendments and record correction, and audit validation for reimbursement purposes (Brinda 2016, 152).

The Health Information Director is given responsibility to manage the information and access to the deficiency module, clinical coding module, and release of information module with the electronic health record. This is an example of what data strategy method? a. Data management b. Data standardization and integration c. Data ownership d. Data stewardship

Data ownership Data ownership is the process of making leaders within the organization responsible for specific areas of the system where data is being entered. Based on the business need, the business owners are responsible for creating business rules and definitions when collecting specific data to support patient care and their business operations (Brinda 2016, 154).

The Health Information Director is given responsibility to manage the information and access to the deficiency module, clinical coding module, and release of information module with the electronic health record. This is an example of what data strategy method? a. Data management b. Data standardization and integration c. Data ownership d. Data stewardship

Data ownership Data ownership is the process of making leaders within the organization responsible for specific areas of the system where data is being entered. Based on the business need, the business owners are responsible for creating business rules and definitions when collecting specific data to support patient care and their business operations (Brinda 2016, 154).

A healthcare enterprise wants to analyze data from multiple computer systems across the organization to determine trends in patient care services. Which of the following would be the best application to perform this function? a. Database b. WAN c. Spreadsheet d. Data warehouse

Data warehouse Most organizations use multiple databases in their daily business operations. Many of these are separated from each other and the data are not available in a consolidated form to help managers and others make decisions. A data warehouse is a special type of database that alleviates this problem by consolidating and storing data from various databases throughout the enterprise (Brinda 2016, 148-149).

A healthcare enterprise wants to analyze data from multiple computer systems across the organization to determine trends in patient care services. Which of the following would be the best application to perform this function? a. Database b. WAN c. Spreadsheet d. Data warehouse

Data warehouse Most organizations use multiple databases in their daily business operations. Many of these are separated from each other and the data are not available in a consolidated form to help managers and others make decisions. A data warehouse is a special type of database that alleviates this problem by consolidating and storing data from various databases throughout the enterprise (Brinda 2016, 148-149).

The hospital's Revenue Cycle Management (RCM) team compiles data each month on the value of discharged not final billed (DNFB) cases. Given the data on this chart, what action by the HIM department should be taken? a. No action is required since the value of DNFB cases is falling. b. Determine the cause of the DNFB case upward trend and initiate process improvements. c. Establish an incentive payment program for coders to lower DNFB cases. d. Identify external benchmarks to determine if the DNFB cases are within acceptable range.

Determine the cause of the DNFB case upward trend and initiate process improvements. To discover what systems, processes, or outcomes need to be improved, a healthcare organization must first find out what is and what is not working. The cause of the DNFB upward trend would need to be determined and then process improvement can begin (Shaw and Carter 2019, 41).

The hospital's Revenue Cycle Management (RCM) team compiles data each month on the value of discharged not final billed (DNFB) cases. Given the data on this chart, what action by the HIM department should be taken? a. No action is required since the value of DNFB cases is falling. b. Determine the cause of the DNFB case upward trend and initiate process improvements. c. Establish an incentive payment program for coders to lower DNFB cases. d. Identify external benchmarks to determine if the DNFB cases are within acceptable range.

Determine the cause of the DNFB case upward trend and initiate process improvements. To discover what systems, processes, or outcomes need to be improved, a healthcare organization must first find out what is and what is not working. The cause of the DNFB upward trend would need to be determined and then process improvement can begin (Shaw and Carter 2019, 41).

The Medical Record Committee is assessing various strategies to improve documentation in the health record. Concerns have been raised that current documentation practices may be insufficient to support diagnoses or reflect the progress and clinical findings in patient care. Which of the following would be the best first step to help improve physician documentation? a. Contact CMS for assistance b. Change the medical staff bylaws to require improved documentation practice c. CORRECT Determine the type and volume of documentation problems d. Implement a documentation score card for each medical specialty

Determine the type and volume of documentation problems The first step in improving any problem is to identify the root causes of the problem and then develop and take appropriate actions to fit the cause of the problem. Options a, c, and d do not provide a process for identifying the root cause of the documentation problems (Carter and Palmer 2016, 515; Sayles and Gordon 2016, 671).

The Medical Record Committee is assessing various strategies to improve documentation in the health record. Concerns have been raised that current documentation practices may be insufficient to support diagnoses or reflect the progress and clinical findings in patient care. Which of the following would be the best first step to help improve physician documentation? a. Contact CMS for assistance b. Change the medical staff bylaws to require improved documentation practice c. Determine the type and volume of documentation problems d. Implement a documentation score card for each medical specialty

Determine the type and volume of documentation problems The first step in improving any problem is to identify the root causes of the problem and then develop and take appropriate actions to fit the cause of the problem. Options a, c, and d do not provide a process for identifying the root cause of the documentation problems (Carter and Palmer 2016, 515; Sayles and Gordon 2016, 671).

A health record technician is preparing a bill for a patient who has two different third-party payers. Verification of the payers has been performed. Before either of the payers can be billed, the health record technician must: a. Determine which policy is primary and which is secondary b. Contact the attending physician c. Contact the patient d. Determine who is the primary policy holder

Determine which policy is primary and which is secondary In many instances, patients have more than one insurance policy and the determination of which policy is primary and which is secondary is necessary so that there is no duplication in payment of benefits. This process is called coordination of benefits (COB) (Gordon and Gordon 2016a, 424).

The following data was collected for an audit of coding productivity. Given the results of the audit, which of the following actions should the HIM director take to improve coding productivity? a. Require all coding staff to work 140 hours b. Determine why productivity is low for part-time coders c. Require all coding staff to meet the departmental coding productivity average d. Determine why productivity is low for full-time coders

Determine why productivity is low for full-time coders Reading this graph, the full time coder productivity is lower than part-time coder productivity. The cause for this difference must be identified before any solution can be developed to increase the productivity of the full-time coders (Watzlaf 2016, 347; Prater 2016, 587-588).

An audit trail is a good tool for all the following except? a. Holding an individual employee accountable for actions b. Reconstructing electronic events c. Detecting a hacker d. Determining revenue from a particular DRG

Determining revenue from a particular DRG Audit trails are generated by specialized software that has multiple uses in securing information systems. These include individual accountability, reconstructing electronic events, problem monitoring, and intrusion detection. Determining revenue from a particular DRG is not a function of an audit trail (Sayles and Kavanaugh-Burke 2018, 232-233).

Which of the following electronic record technological capabilities would allow paper-based patient consent forms to be incorporated into a patient's EHR? a. Vocabulary standards b. Documentation-imaging technology c. Text processing d. Database management

Documentation-imaging technology Although many healthcare provider organizations have an EHR, there still remains a good deal of paper-based documentation that must be integrated and included within the patient's EHR. Current EHR systems contain documentation-imaging and document management technologies that provide for the capture, digitization, integration, storage, and retrieval of paper-based health record documentation (Brickner 2016, 107).

Which of the following would be used to encode textual material and convert it to scrambled data that must be decoded for the recipient to understand it? a. Encoding b. Encryption c. Firewall d. Virtual private network

Encryption The transmission security standard includes integrity controls, when deemed appropriate, for protecting ePHI from improper modification during transmission over computer networks and the use of encryption methods when ePHI is transmitted over public networks or communication systems. Encryption is a process that encodes textual material and converts it to scrambled data that must be decoded in order for the recipient to understand it (Johns 2015, 310).

The overall goal of documentation standards is to: a. Ensure physicians have access to the health record information they need to care for the patient. b. Ensure what is documented in the health record is complete and accurately reflects the treatment provided to the patient. c. Ensure the healthcare provider organization is reimbursed appropriately by payers. d. Ensure that CMS does not find reason to fine the healthcare provider organization.

Ensure what is documented in the health record is complete and accurately reflects the treatment provided to the patient. With the focus on patient care quality, appropriate reimbursement, and the prevention of fraud and abuse, the goal of documentation standards to ensure what is documented in the health record is complete and accurately reflects the treatment provided to the patient (Brickner 2016, 83).

A visitor walks through the IT department and picks up a flash drive from an employees desk. What security controls should have been implemented to prevent this security breach? a. Device and media controls b. Workstation security controls c. Workstation use controls d. Facility access controls

Facility access controls Facility access controls include establishing safeguards to prohibit the physical hardware and computer system itself from unauthorized access while ensuring that proper authorized access is allowed (Rinehart-Thompson 2016c, 273).

The HIM professional was asked by her facility administration to assess the impact of the proposed rule changes for the next fiscal year to the organization's Medicare reimbursement. What should the HIM professional reference to assess any changes to the relative weights for the new fiscal year? a. AHA Coding Clinic b. Federal Code of Regulations c. Federal Register d. AMA's CPT Assistant

Federal Register Proposed changes to the federal payment systems must be publicized in advance. Through a process known as notice of proposed rulemaking, federal agencies promulgate proposed rules in the Federal Register. Each DRG is assigned a relative weight (RW) that is intended to represent the resource intensity of the clinical group. Reviewing the notice of proposed rulemaking would show the proposed changes to the relative weights and can be used to calculate the impact to reimbursement for the next fiscal year (Casto 2018, 112).

Which of the following actions by a physician requires the patient's authorization? a. Giving a patient a pen with the name of a pharmaceutical product on it b. Giving the name of an expectant mother to a baby formula manufacturer c. Giving a sample product to a patient to use for a diagnosed condition d. Recommending acupuncture as an alternative treatment for a patient's condition

Giving the name of an expectant mother to a baby formula manufacturer Marketing generally requires patient authorization for the use of PHI. This includes giving an expectant mother's name to a baby formula manufacturer (Rinehart-Thompson 2016b, 241).

Which of the following entities owns the physical hospital health record? a. Attending physician b. Health information management department c. Patient d. Hospital that maintains the record

Hospital that maintains the record Ownership of the health record, regardless of the media in which it is contained, has traditionally been granted to the hospital that maintains the record (Brodnik 2017a, 9).

The purpose of the POA indicator is to identify: a. Hospital claim denials b. Medical fraud and abuse c. Hospital-acquired conditions d. DRG creep

Hospital-acquired conditions CMS requires hospitals to submit present on admission (POA) information on diagnoses for inpatient discharges to determine which conditions are hospital-acquired (HAC) (Gordon and Gordon, 2016a, 437).

The HIM professional is arguing against the use of the copy/paste function in the EHR. Which of the following would be the position for this argument? a. I am unable to identify the author. b. I am unable to print the data out. c. I am concerned about the time that it takes to copy/paste the documentation. d. I am concerned that the users will not know how to perform the copy/paste function.

I am unable to identify the author. In the EHR, the user is able to copy and paste free text from one patient or patient encounter to another. This practice is dangerous as inaccurate information can easily be copied. One of the risks to documentation integrity of using copy functionality includes the inability to identify the author of the documentation (Sayles 2016b, 69).

A patient is discharged with right sided hemiplegia and aphasia associated with an infarction of the middle cerebral artery of the left side of the brain. Which of the following code assignments would be appropriate for this case? G81.91 Hemiplegia, unspecified affecting right dominant side G81.93 Hemiplegia, unspecified affecting right non-dominant side I63.512 Cerebral infarction due to unspecified occlusion or stenosis of left middle cerebral artery I69.951 Hemiplegia and hemiparesis following unspecified cerebrovascular disease affecting right dominant side I69.953 Hemiplegia and hemiparesis following unspecified cerebrovascular disease affecting right non-dominant side I69.920 Aphasia following unspecified cerebrovascular disease R47.01 Aphasia a. I69.953, I69.920 b. I63.512, G81.91, R47.01 c. I69.951, I69.920 d. I63.512, G81.93, R47.01

I63.512, G81.91, R47.01 The cerebral infarction is coded as current of the middle cerebral artery on the left side I63.512; the hemiparesis has affected the right side so you would select code G81.91 because guideline I.C.6.a states if the dominance is not specified but the side affected is, the code selection should be made based the affected side. The right side was affected by the hemiplegia so the default for right side is dominant based on the coding guideline. The I69 codes would be used for a future admission based on the sequela of the CVA (Schraffenberger and Palkie 2019, 240).

The HIM department is having an issue with extensive use of sick leave within the department, and quality of work has declined. The HIM manager decides to personally ask each employee in the department what they believe is leading to the problem with extensive use of sick leave. The HIM manager uses this information to create a new sick leave policy in an effort to improve the quality of work performed in the department. What technique is the HIM manager using to address the sick leave and quality of work issue? a. Exclusive b. Facilitative c. Functional d. Inclusive

Inclusive Rationale: Encouraging team productivity can be a major issue in many organizations. This is an outgrowth of the two common management styles used by most organizations. One style is inclusive: all viewpoints are considered with respect to their potential contribution to solving the PI issue at hand. The other style is exclusive: its goal is to get to a result as quickly as possible. Each style has positive and negative aspects (Shaw and Carter 2019, 60).

The HIM department is having an issue with extensive use of sick leave within the department, and quality of work has declined. The HIM manager decides to personally ask each employee in the department what they believe is leading to the problem with extensive use of sick leave. The HIM manager uses this information to create a new sick leave policy in an effort to improve the quality of work performed in the department. What technique is the HIM manager using to address the sick leave and quality of work issue? a. Exclusive b. Facilitative c. Functional d. Inclusive

Inclusive Rationale: Encouraging team productivity can be a major issue in many organizations. This is an outgrowth of the two common management styles used by most organizations. One style is inclusive: all viewpoints are considered with respect to their potential contribution to solving the PI issue at hand. The other style is exclusive: its goal is to get to a result as quickly as possible. Each style has positive and negative aspects (Shaw and Carter 2019, 60).

A HIM department has set productivity standards for each task associated with scanning records of discharged patients. The standard for the scanning process is 1,500 images per hour worked. Twelve weeks after implementation, the standard is being reassessed because of errors being made by some employees. Given this data, what action might the HIM manager or director want to take regarding quality of production? EMPLOYEE, ACTUAL PRODUCTION, HRS WORKED, % ERRORS Chad, 1325 imgs/hr, 242, 1% Barbara, 1500 imgs/hr, 240, 2% Leslie, 1450 imgs/hr, 232, 1% Maria, 1700 imgs/hr, 240, 7% Mike, 1675 imgs/hr, 220, 6% a. Talk with Chad and put him on probation productivity under the standard. b. Complement Maria and Mike for exceeding the productivity standard. c. Incorporate quality expectations into the standard. d. Continue to benchmark another six weeks to see if there is any difference.

Incorporate quality expectations into the standard. Productivity standards should be based on both accuracy and volume (Prater 2016, 588).

A patient is undergoing a laparoscopic cholecystectomy. Following the insertion of the laparoscope into the abdominal cavity, the patient experienced a cardiac arrhythmia and the procedure was terminated. What root operation(s) would be coded for this procedure? a. Excision b. Inspection c. Resection d. Excision and Inspection

Inspection ICD-10-PCS guideline B3.3 states if the intended procedure is discontinued to code the procedure to the root operation performed. If a procedure is discontinued before any other root operation is performed, code the root operation Inspection of the body part or anatomical region inspected (Kuehn and Jorwic 2019, 41-42).

A patient is discharged with a diagnosis of abdominal pain, probable irritable bowel syndrome. Which of the following would be the correct sequencing and coding for this case? a. Irritable bowel syndrome b. Abdominal pain c. Abdominal pain, irritable bowel syndrome d. Irritable bowel syndrome, abdominal pain

Irritable bowel syndrome Probable diagnoses are coded as if confirmed; whereas, codes for symptoms, which in this case is abdominal pain, are not coded when they are integral to the underlying condition (Schraffenberger and Palkie 2019, 98).

Which of the following is true about the Joint Commission's "Do Not Use" abbreviation list? a. It applies to only preprinted forms b. It applies to only medication-related orders c. It applies to all documentation in the health record d. It applies to orders and medication-related documentation

It applies to orders and medication-related documentation The "Do Not Use" abbreviation list applies to all orders and all medication-related documentation that is handwritten (including free-text computer entry) or on preprinted forms (Shaw and Carter 2019, 222).

Shirley Denton has written to request an amendment to her PHI from Bon Voyage Hospital, stating that incorrect information is present on the document in question. The document is an incident report from Bon Voyage Hospital, which was erroneously placed in Ms. Denton's health record. The covered entity declines to grant her request based on which privacy rule provision? a. It was not created by the covered entity. b. It is her PHI and she can remove it from the record. c. It is not part of the designated record set. d. None. The covered entity must grant her request.

It is not part of the designated record set. The Privacy Rule permits individuals to request that a covered entity amend PHI or a record about the individual in a designated record set. Because the incident report was erroneously placed in this patient's record, it is not part of the designated record set and not amendable by the patient (Rinehart-Thompson 2017d, 246-247).

Shirley Denton has written to request an amendment to her PHI from Bon Voyage Hospital, stating that incorrect information is present on the document in question. The document is an incident report from Bon Voyage Hospital, which was erroneously placed in Ms. Denton's health record. The covered entity declines to grant her request based on which privacy rule provision? a. It was not created by the covered entity. b. It is her PHI and she can remove it from the record. c. It is not part of the designated record set. d. None. The covered entity must grant her request.

It is not part of the designated record set. The Privacy Rule permits individuals to request that a covered entity amend PHI or a record about the individual in a designated record set. Because the incident report was erroneously placed in this patient's record, it is not part of the designated record set and not amendable by the patient (Rinehart-Thompson 2017d, 246-247).

Which of the following is a key feature of a problem-oriented health record? a. Chronological list of solved problems b. Itemized list of patient's present and past conditions c. Itemized list of patient's present conditions d. Sequential list of patient's confirmed diagnoses

Itemized list of patient's present and past conditions

To stay current with new technologies and pioneering procedures, CPT is revised each year, with changes going into effect the following: a. Janaury 1st b. April 1st c. July 1st d. October 1st

Jan 1st The CPT Editorial Research and Development Department supports the modification process for the code set. To stay current with new technologies and pioneering procedures, CPT is revised each year, with changes going into effect the following January 1 (Casto 2018, 28).

The hospitals public relations department in conjunction with the local high school is holding a job-shadowing day. The purpose of this event is to give high school seniors an opportunity to observe the various jobs in the hospital and help them with career planning. The public relations department asks for event input from the standpoint of HIPAA compliance. In this case, what should the HIM department advise? a. Job shadowing is specifically prohibited by HIPAA. b. Job shadowing is allowed by HIPAA under the provision allowing students and trainees to practice. c. Job shadowing should be limited to areas in which the likelihood of exposure to PHI is very limited, such as administrative areas. d. Job shadowing is allowed by HIPAA under the provision of volunteers.

Job shadowing should be limited to areas in which the likelihood of exposure to PHI is very limited, such as administrative areas. Job shadowing should be limited to areas where the likelihood of exposure to PHI is very limited, such as in administrative areas. There is a provision in the Privacy Rule that permits students and trainees to practice and improve their skills in the healthcare environment; however, the context of this provision appears to imply that the students are already enrolled in a healthcare field of study and that they are under the supervision of the covered entity. Most covered entities require students to be trained on confidentiality and other requirements of the Privacy Rule, and job shadowing activities do not appear to apply in this exception (Thomason 2013, 41).

Under the HIPAA Privacy Rule, an impermissible use or disclosure should be presumed to be a breach unless the covered entity or business associate demonstrates that the probability the PHI has been compromised is ___________. a. Low b. High c. Moderate d. Non-existent

Low A breach should be presumed following an impermissible use or disclosure unless the covered entity or BA demonstrates a low probability that the PHI has been compromised (Rinehart-Thompson 2016b, 240).

Coding managers should have a complete understanding of current coding processes before they start which of the following process improvement tasks? a. Brainstorming b. Collecting and analyzing data c. Establishing ground rules d. Making recommendations for process change

Making recommendations for process change Before starting to benchmark an organization against others, managers may want to initiate a process analysis of their coding staff's internal situation. Coding managers should have a complete understanding of current coding processes in order to make comparisons or initiate changes (Schraffenberger and Kuehn 2011, 276-277).

Based on the percentage of charges in this table, the hospital provides the most services to which of the following? a. BC/BS b. TRICARE c. Medicare d. Medicaid

Medicare Medicare charges are 39% of the total, which is higher than any other payer. Charts and graphs of various types are the best means for presenting data for quick visualization of relationships, which allows the user to make determinations about the data (Watzlaf 2016, 347).

Deficiencies in a health record include which of the following? a. Contradictory content b. Mistake in the patient's age c. Illegible content d. Missing document

Missing document When a deficiency is identified in the health record, it must be corrected. This may require locating a missing document or asking the physician or other healthcare provider to either sign or complete a document (Sayles 2016b, 64).

Which database must a healthcare facility query as part of the credentialing process when a physician initially applies for medical staff privileges? a. UHDDS b. NPDB c. MEDPAR d. HEDIS

NPDB The law requires healthcare facilities to query the National Practitioner Data Bank (NPDB) as part of the credentialing process. The database should be queried when a physician initially applies for medical staff privileges and every two years thereafter (Sharp 2016, 185).

If the nursing director requested information, regarding the number of cardiac catheterizations performed in the previous fiscal year, which index would the HIT use to access this information? a. Disease index b. Operations/procedures index c. Master patient index d. Physician index

Operations/procedures index The operation/procedures index is arranged in numerical order by the patient's procedure code(s) using International Classification of Diseases or Current Procedural Terminology (CPT) codes. The other information listed in the operation index is generally the same as in other indices except that the surgeon may be listed in addition to, or instead of, the attending physician (Sharp 2016, 174).

In performing quantitative analysis of an emergency room health record, which of the following data elements would the health information technician look for to be present in the record? a. Advance directive, correspondence, anesthesia report b. Results of tests, consent for treatment, anesthesia report c. Consent for treatment, advance directive, consent to disclose information d. Patient identification, time and means of patient arrival, pertinent history of illness

Patient identification, time and means of patient arrival, pertinent history of illness The following information should be entered for each emergency room visit: patient identification; time and means of arrival to the facility; pertinent history of the illness, injury, and physical findings; emergency care given prior to arrival; diagnostic and therapeutic orders; clinical observations; reports and results of procedures and tests; diagnostic impression; medications administered; conclusions at the termination of evaluation/treatment; and documentation of cases when the patient leaves against medical advice (Brickner 2016, 100-101).

In performing quantitative analysis of an emergency room health record, which of the following data elements would the health information technician look for to be present in the record? a. Advance directive, correspondence, anesthesia report b. Results of tests, consent for treatment, anesthesia report c. Consent for treatment, advance directive, consent to disclose information d. Patient identification, time and means of patient arrival, pertinent history of illness

Patient identification, time and means of patient arrival, pertinent history of illness The following information should be entered for each emergency room visit: patient identification; time and means of arrival to the facility; pertinent history of the illness, injury, and physical findings; emergency care given prior to arrival; diagnostic and therapeutic orders; clinical observations; reports and results of procedures and tests; diagnostic impression; medications administered; conclusions at the termination of evaluation/treatment; and documentation of cases when the patient leaves against medical advice (Brickner 2016, 100-101).

The Northwest Hospital Corporations HIM Director is wanting to compare the time each of the hospitals in the corporation are spending on chart analysis, to determine a ________________ for their corporation. This HIM Director generated the following data to make this comparison. a. Process redesign b. Outcome comparison c. Performance standard d. Workflow analysis

Performance standard In this example, the HIM Director is using benchmarking to establish a performance standard for chart analysis based on current employee performance. Benchmarking is another method used in the systematic comparison of the products, services, and outcomes of one organization with those of a similar organization. In this case, the HIM director is performing an internal corporate benchmark comparison in order to set the corporate performance standard for chart analysis (Kelly and Greenstone 2016, 161).

A physician does not agree with the number of patients attributed to her for recredentialing purposes. Which of the following reports will be most useful in validating the data? a. Discharge Register b. Disease Index c. Physician Index d. Procedure Index

Physician Index The physician index is a listing of cases in order by physician name or physician identification number. It also includes the patient's health record number and may include other information, such as date of discharge. The physician index enables users to retrieve information about a particular physician, including the number of cases seen during a particular time period (Sharp 2016, 174).

A small critical care access hospital affiliated with Community Hospital has four physicians on staff. The medical staff at Community Hospital has determined that the hospital-acquired infection rate by physician should be 10 percent or lower. Using the information in the table, calculate the hospital-acquired infection rate for each physician, and then determine which of the following physicians did not meet the goal of a hospital-acquired infection rate of 10 percent or lower. Physcian #, No. of discharges, No. of infections #1 - 29, 6 #2 - 20, 2 #3 - 11, 2 #4 - 14, 1 a. All the physicians met the 10 percent or less goal b. Physicians 2 and 4 met the 10 percent or less goal c. None of the physicians met the 10 percent or less goal d. Physician 4 only met the 10 percent or less goal

Physicians 2 and 4 met the 10 percent or less goal Hospital-acquired (nosocomial) infection rates, now referred to as healthcare-associated infections may be calculated for the entire hospital or for a specific unit in the hospital, or in this case for specific physician. Ideally, the hospital should strive for an infection rate of zero. The formula for calculating the hospital-acquired infection rate is total number of hospital-acquired infections for a given period of time/total number of discharges, including deaths, for the same period x 100 (Horton 2016b, 399). Math:Physician 1: (6 × 100) / 29 = 20.69%Physician 2: (2 × 100) / 20 = 10.00%Physician 3: (2 × 100) / 11 = 18.18%Physician 4: (1 × 100) / 14 = 7.14%

What application of data mining is used to identify potential fraudulent Medicare claims? a. Database modeling b. Knowledge management c. Predictive modeling d. Total quality management

Predictive modeling Predictive modeling is another application of data analytics in healthcare. Predictive modeling is a special application of data mining. CMS is using predictive modeling to identify potential fraudulent Medicare claims (White 2016, 7-8).

If a healthcare provider is accused of breaching the privacy and confidentiality of a patient what resource may a patient rely on to substantiate the provider's responsibility for keeping health information private? a. Professional Code of Ethics b. Federal Code of Fair Practice and Ethics c. Federal Code of Silence d. State Code of Fair Practice

Professional Code of Ethics The Professional Code of Ethics is based on ethical principles regarding privacy and confidentiality of patient information that have been an inherent part of the practice of medicine since the 4th century BC when the Hippocratic Oath was created. Courts in various jurisdictions have concluded that a physician has a fiduciary duty to the patient to not disclose the patient's health and medical information (Theodos 2017, 14, 22).

Work schedules are developed to: a. Ensure that work gets done b. Orient new employees to the organization c. Provide adequate coverage during business hours d. Ensure the staff are trained for their unique role

Provide adequate coverage during business hours Work schedules are an important tool for the supervisor. Knowing when and which employees will be at work and covering shifts and jobs within the department helps the supervisor manage one of the organizations most costly assets—the employee (Prater 2016, 585).

The Health Insurance Portability and Accountability Act (HIPAA): a. Applies to anyone who collects health information b. Preempts all state laws c. Provides a federal floor for healthcare privacy d. Duplicates the Joint Commission standards

Provides a federal floor for healthcare privacy The HIPAA Privacy Rule provides only a federal floor, or minimum, on privacy requirements. This means that the federal Privacy Rule does not preempt, or supersede, stricter state statutes (or other federal statutes, for that matter) when they exist (Rinehart-Thompson 2016b, 219).

Which of the following is an external user of healthcare facility data? a. Director of the clinical laboratory b. Hospital administrator c. Public health department d. Medical staff

Public health department External users of patient data are individuals and institutions outside of the facility. Examples of external users are state data banks and federal agencies (Sharp 2016, 173).

A patient is admitted to the hospital with back pain. The principal diagnosis is pyelonephritis. The patient also has depression, diverticulosis, and diabetes. In the inpatient prospective payment system, which of the following would determine the MDC assignment for this patient? a. Depression b. Diabetes c. Diverticulosis d. Pyelonephritis

Pyelonephritis To determine the appropriate MS-DRG, a claim for a healthcare encounter is first classified into one of 25 major diagnostic categories (MDCs). The principal diagnosis determines the MDC assignment. The principal diagnosis is the condition established after study to have resulted in the inpatient admission (Casto 2018, 122).

A hospital allows the use of the copy functionality in its EHR system for documentation purposes. The hospital has established explicit policies that define when the copy function may be used. Which approach would be the best for conducting a retrospective analysis to determine if hospital copy policies are being followed? a. Institute an in-service program for all hospital personnel b. Randomly audit EHR documentation for patients readmitted within 30 days c. Observe the documentation practices of all clinical personnel d. Survey practitioners to determine if they are following hospital policy

Randomly audit EHR documentation for patients readmitted within 30 days A random selection of EHR documentation would be the best approach for avoiding selection bias and determining how the copy function is being used. Random sampling involves selecting individuals or items (documentation samples) from the population (the EHR) in such a way that every individual or item has an equal chance of being selected and included in the sample (Horton 2017, 292).

What term would be applied to a comparison of the number of female patients to the number of male patients who were discharged from DRG 326? a. Rate b. Proportion c. Ratio d. Percentage

Ratio A ratio is a calculation found by dividing one quantity by another. It compares quantities (Horton 2016b, 382-383).

Sally Mitchell was treated for kidney stones at Graham Hospital last year. She now wants to review her health record in person. She has requested to review them by herself in a private room. Which of the following is true based on this scenario? a. Sally's request does not have to be granted because the hospital is responsible for the integrity of the health record. b. Failure to accommodate her wishes will be a violation under the HIPAA Privacy Rule. c. Sally owns the information in her record, so she must be granted her request. d. Patients should never be given access to their actual health records.

Sally's request does not have to be granted because the hospital is responsible for the integrity of the health record The integrity of the health record is critical to its defensibility in a court of law. Integrity of a record refers to its accuracy and completeness. Allowing Sally to review her record by herself in a closed room puts the integrity of the record at risk (Rinehart-Thompson 2017d, 245-246).

An employee observes a non-employee putting a flash drive in a bag. The employee does not report this security breach. What security measures should have been in place to help ensure that such a case is reported? a. Access controls b. Audit controls c. Authentication controls d. Security incident procedures

Security incident procedures HIPAA requires that organizations establish security incident procedures so that management and employees know what to do in the event of a security breach (Rinehart-Thompson 2016c, 272).

In regard to data security, what is the purpose of a red flag? a. Elevate security protection levels b. Increase audit trail reporting c. Raise concerns over security awareness d. Sound an alert to a potential identify theft

Sound an alert to a potential identify theft As part of risk management programs, a "red flag" is used to signal the presence of identity theft (Johns 2015, 221).

This law prohibits a physician from referring patients to a business in which he or she or a member of the physician's immediate family has financial interests a. False Claims b. Anti-Kickback c. Health Insurance Portability and Accountability Act d. Stark Law

Stark Law While all these laws apply to fraud and abuse, the Stark Law is the one that prohibits physicians from referring patients to a business that he or she or family has financial interests (Foltz et al. 2016, 450).

After a claim has been filed with Medicare, a healthcare organization had late charges posted to a patients outpatient account that changed the calculation of the APC. What is the best practice for this organization to receive the correct reimbursement from Medicare? a. Bill the patient for any remaining balance after payment from Medicare is received. b. Do nothing because the claim has already been submitted. c. Return the account to coding for review d. Submit an adjusted claim to Medicare.

Submit an adjusted claim to Medicare. Late charges are any charges that have not been posted to the account number within the healthcare facility's established bill hold time period. Best practice is four days from the date of service or discharge. For the provider to be paid for these charges, an adjusted claim must be sent to Medicare (Schraffenberger and Kuehn 2011, 460).

How are amendments handled in the EHR? a. Amendments are automatically appended to the original note. No additional signature is required. b. Amendments must be entered by the same person as the original note. c. Amendments cannot be entered after 24 hours of the event. d. The amendment must have separate authentication, date, and time.

The amendment must have separate authentication, date, and time. Policies and procedures need to be in place to address amendments and corrections in the EHR. Once a document is authenticated, the document should be locked to prevent changes. In the event that an amendment, addendum, or deletion needs to be made, the document would need to be unlocked. The EHR should retain the previous version of the document and identify who made the change along with the date and time that the change was made (Sayles 2016b, 70).

A health information management professional may attend legal proceedings and testify as to: a. The reason a patient was treated b. Reasons a defendant health care provider should not be sued c. The authenticity of the patient's health record d. The medical necessity of any procedures performed

The authenticity of the patient's health record The custodian of health records or another designated individual (including the HIM professional) can be called as a witness by one or more parties to testify as to the authenticity of the health record that is being sought as evidence. Testifying to a record's authenticity refers to the verification of the record's validity so it is therefore reliable and truthful as evidence (Rinehart-Thompson 2017a, 55, 59).

A health information management professional may attend legal proceedings and testify as to: a. The reason a patient was treated b. Reasons a defendant health care provider should not be sued c. The authenticity of the patient's health record d. The medical necessity of any procedures performed

The authenticity of the patient's health record The custodian of health records or another designated individual (including the HIM professional) can be called as a witness by one or more parties to testify as to the authenticity of the health record that is being sought as evidence. Testifying to a record's authenticity refers to the verification of the record's validity so it is therefore reliable and truthful as evidence (Rinehart-Thompson 2017a, 55, 59).

A patient requests that disclosures made from her health record are limited to specific clinical notes and reports. Given HIPAA requirements, how must the hospital respond? a. The hospital must honor the request. b. The hospital must guarantee that the request will be followed. c. The hospital must agree to the request, providing that state or federal law does not prohibit it. d. The hospital must accept the request but does not have to agree to it.

The hospital must accept the request but does not have to agree to it. Common practice for covered entities is to accept the request but not to agree to the restrictions because of the legal implications to the covered entity should the restrictions be violated. Instead, if there are valid reasons why the patient requests a restriction, covered entities implement steps in an attempt to restrict the information as best as their systems and processes allow. The covered entity responds to the patient by describing measures it has taken but does not guarantee that the information is protected against incidental or accidental disclosure (Thomason 2013, 106-107).

Which of the following statements about compiling a directory of patients being treated in the hospital is true? a. A written authorization from the patient is required before any information about him or her is placed in a hospital directory of patients. b. An individual may not restrict or prohibit any uses of the directory. c. Only the patient's first and last names may be placed in a directory without his or her consent or authorization. d. The patient must be informed that certain information is maintained in a directory and to whom this information may be disclosed.

The patient must be informed that certain information is maintained in a directory and to whom this information may be disclosed. When the healthcare facility wants to keep a directory of patients the covered entity must inform the patient of the information to be included in the directory and the people to whom information may be disclosed. The patient must be given the opportunity to restrict or prohibit some or all of the uses or disclosures (Rinehart-Thompson 2016b, 234).

Which of the following statements about compiling a directory of patients being treated in the hospital is true? a. A written authorization from the patient is required before any information about him or her is placed in a hospital directory of patients. b. An individual may not restrict or prohibit any uses of the directory. c. Only the patient's first and last names may be placed in a directory without his or her consent or authorization. d. The patient must be informed that certain information is maintained in a directory and to whom this information may be disclosed.

The patient must be informed that certain information is maintained in a directory and to whom this information may be disclosed. When the healthcare facility wants to keep a directory of patients the covered entity must inform the patient of the information to be included in the directory and the people to whom information may be disclosed. The patient must be given the opportunity to restrict or prohibit some or all of the uses or disclosures (Rinehart-Thompson 2016b, 234).

A patient contacts the HIM manager at Wildcat Hospital with a privacy complaint about another covered entity. What should the HIM manager recommend to the patient? a. The patient should first complain to the Office of Civil Rights b. The patient should first be encouraged to complain to the covered entity whose actions generated the complaint. c. The patient should first complain to the CEO of Wildcat Hospital d. The patient should first complain to their insurance company

The patient should first be encouraged to complain to the covered entity whose actions generated the complaint. A covered entity is required by the HIPAA Privacy Rule to create a process to handle complaints from individual who feel their privacy rights have been violated by the covered entity, or when the individuals covered entity has not protected their information as required by the Privacy Rule. In this case, the patient should be encouraged to first complain to the covered entity whose actions generated the complaint (Rinehart-Thompson 2017d, 249-250).

Optimum workflow for coders is dependent not only on the efficient sequence of record-processing functions, but also on: a. The physical location in which coding is performed b. Cooperative relationships between staff members c. Proper lighting d. Coder productivity

The physical location in which coding is performed Workflow is an important issue both within the health information management (HIM) department and between that unit and other departments of the healthcare organization. Focusing first on the issues generated within HIM, it is important to consider where in the record processing functions clinical analysis, coding, and abstraction will reside. If coding professionals are segregated to perform clinical analysis, coding, and abstracting functions only, optimal workflow with other members of the HIM department is not accomplished. Careful evaluation of the timing, configuration, and coordination of these processes is necessary, tailored to the situations currently existing in the particular healthcare organization (Schraffenberger and Kuehn 2011, 259-260).

Optimum workflow for coders is dependent not only on the efficient sequence of record-processing functions, but also on: a. The physical location in which coding is performed b. Cooperative relationships between staff members c. Proper lighting d. Coder productivity

The physical location in which coding is performed Workflow is an important issue both within the health information management (HIM) department and between that unit and other departments of the healthcare organization. Focusing first on the issues generated within HIM, it is important to consider where in the record processing functions clinical analysis, coding, and abstraction will reside. If coding professionals are segregated to perform clinical analysis, coding, and abstracting functions only, optimal workflow with other members of the HIM department is not accomplished. Careful evaluation of the timing, configuration, and coordination of these processes is necessary, tailored to the situations currently existing in the particular healthcare organization (Schraffenberger and Kuehn 2011, 259-260).

A patient is discharged from the hospital with a diagnosis of peptic ulcer versus cholecystitis, which are both equally treated and well documented. What should the coder assign as the principal diagnosis? a. The principal diagnosis must be peptic ulcer b. The principal diagnosis must be cholecystitis c. The principal diagnosis can be either peptic ulcer or cholecystitis d. The coder must query the physician for clarification

The principal diagnosis can be either peptic ulcer or cholecystitis In the unusual instance when two to more diagnoses equally meet the criteria for principal diagnosis, as determined by the circumstances of admission, diagnostic workup, and/or the therapy provided, and the alphabetic index, tabular list, or another coding guideline does not provide sequencing direction in such cases, any one of the diagnoses may be sequenced first (Schraffenberger and Palkie 2019, 96).

A coding supervisor wants to compare the work productivity between coders over time as part of the overall hospital performance improvement program. The coding supervisor has compared each coders productivity by counting the number of records each coder has coded during the past month. Which of the following would best describe the process followed by the coding supervisor? a. The process provides an adequate measure of each coder's performance. b. The process would be improved by calculating averages rather than comparing record counts. c. The process would be improved by measuring coder productivity per hour. d. The process is inadequate because it does not look at external benchmarks.

The process would be improved by measuring coder productivity per hour. Measuring productivity per hour provides a consistent baseline for comparison among the coders. Measuring productivity per month does not take into consideration differences in work hours that might be caused by illness, vacation time, or other variables (Prater 2016, 587-588).

The following graph of data security breaches shows a range of breaches from YR-1 to YR-7. In YR-4, a law requiring mandatory reporting of security breaches became effective. Given this information, which of the following is the best interpretation of the graph? a. Between YR-2 and YR-3, there were very few data security breaches. b. Security breaches are less prevalent from YR-4 to YR-7. c. The volume of security breaches cannot be adequately estimated prior to YR-4. d. In YR-4, there were more security breaches than YR-7.

The volume of security breaches cannot be adequately estimated prior to YR-4. Because mandatory reporting of breaches was not required until YR-4, the number of breaches cannot be adequately estimated before that time; therefore, comparisons of the data cannot be made between data before YR-4 and data after YR-4. Charts and graphs of various types are the best means for presented data for quick visualization of relationships allowing the user to make determinations about the data (Watzlaf 2016, 347).

The outpatient clinic of a large hospital is reviewing its patient sign-in procedures. The registration clerks say it is essential that they know if the patient has health insurance and the reason for the patient's visit. The clerks maintain having this information on a sign-in sheet will make their jobs more efficient and reduce patient waiting time in the waiting room. What should the HIM director advise in this case? a. Patient name, insurance status, and diagnoses are permitted by HIPAA b. To be HIPAA compliant, sign-in sheets should contain the minimum information necessary such as patient name only. c. Patient name, insurance status, and the reason for the visit would be considered incidental disclosures if another patient saw this information. d. Any communication overheard by another patient is considered an incidental disclosure.

To be HIPAA compliant, sign-in sheets should contain the minimum information necessary such as patient name only. Patients may sign in their names on a waiting room list. If another patient sees it, that is considered an incidental disclosure. In determining the content of these sign-in lists, the healthcare provider must take reasonable precautions to limit information to what is the minimum necessary for the purpose (Thomason 2013, 38).

Why is only the most current version of a document displayed? a. All previous versions are deleted b. The user decides which version to see c. To ensure there is no confusion on the correct document d. Only the physician has access to previous versions of a document

To ensure there is no confusion on the correct document Version control identifies which version(s) of the documents is available to the user. All versions must be maintained but access to all except the current version should be controlled so that there is no confusion about which version is correct (Sayles 2016b, 69).

The compliance officer was made aware that a user accessed the PHI of a patient with the same last name through a computer alert. This is the example of a(n): a. Trigger b. Authentication c. Integrity d. Transmission security

Trigger The security audit process should include triggers that identify the need for a closer inspection. Just because a trigger has been activated does not mean that there has been a breach. With common names such as Smith and Jones, it would be easy for an employee named Smith or Jones to access patient information from a person with the same last name who was not related (Sayles and Kavanaugh-Burke 2018, 232).

Information collected in a cancer registry typically includes: a. Type and stage of cancer and patient demographic information b. Stage of cancer, patient demographic information, and total charges c. Patient demographic information, claims reconciliation, and type of cancer d. Type and stage of cancer, total charges, and claims reconciliation

Type and stage of cancer and patient demographic information In a cancer registry, data elements are obtained by reviewing and collecting them from the patient's health record. In addition to demographic information (such as name, health record number, and address), data in the registry includes the type and site of the cancer, diagnostic methodologies, treatment methodologies, and stage at the time of the diagnosis. Total charges and claims reconciliation are not collected in the cancer registry (Sharp 2016, 175-176).

An employee forgot his password and uses another employees user ID and password to access the EHR. What controls should have been in place to minimize this security breach? a. Access controls b. Security incident procedures c. Workforce security awareness and training d. Security management process

Workforce security awareness and training A strategy included in a good security program is employee security awareness and training. Employees are often responsible for threats to data security. Consequently, employee awareness is a particularly important tool in reducing security breaches (Rinehart-Thompson 2016c, 272).

The technique that provides a snapshot of an existing process and can identify potential areas for change is: a. Time ladder b. Work-imaging study c. Benchmarking d. Needs assessment

Work-imaging study A work-imaging study can be described as a snapshot of the current process that can identify potential areas for change in the process, a way to quantify opportunities to improve the healthcare organization's structure, a way to show where to consolidate staff functions and responsibilities (Schraffenberger and Kuehn 2011, 276-277).

An employee forgot his password and uses another employees user ID and password to access the EHR. What controls should have been in place to minimize this security breach? a. Access controls b. Security incident procedures c. Workforce security awareness and training d. Security management process

Workforce security awareness and training A strategy included in a good security program is employee security awareness and training. Employees are often responsible for threats to data security. Consequently, employee awareness is a particularly important tool in reducing security breaches (Rinehart-Thompson 2016c, 272).