HIPAA Ch.5 and 6

Ace your homework & exams now with Quizwiz!

Fraud and abuse investigation of HIPAA Privacy Rule is under the direction of

Officer for Civil Rights.

The purpose of health information exchanges (HIE) is so

Other health care providers can access the medical record of a patient for better coordination of care.

Under HIPAA, members of the press can

Receive the same information as any other person would when asking for a patient by name.

Coded identifiers for all parties included in a claims transaction are needed to

Simplify electronic transmission of claims information

A health care provider who is compliant with the Privacy and Security Rules of HIPAA has greatly improved protection against medical identity theft.

True

Administrative Simplification focuses on reducing the time it takes to submit health claims. The unique identifiers are part of this simplification.

True

After a patient downloads personal health information, all the Security and Privacy measures of HIPAA are gone.

True

Faxing is still permitted under HIPAA law.

True

One additional benefit of completely electronic medical records is that more accurate data can be obtained from a greater population, so efficient research can be done to improve our country's health status.

True

With the ruling in the Omnibus Rule of 2013, any genetic information is now covered by HIPAA Privacy and Security Rule.

True

When patients "opt-out" of the facility directory, it means

their name will not be disclosed on a published list of patients being treated at the facility.

The Employer Identification Number (EIN) contains

two digits, a hyphen, then nine other digits without intelligence.

The implementation of unique Health Plan Identifiers (HPID) was mandated in which ruling?

Affordable Care Act (ACA) of 2009

Which federal act mandated that physicians use the Health Information Exchange (HIE)?

Affordable Care Act (ACA) of 2010

To comply with HIPAA, it is vital to

All of the above

The Health Information Technology for Economic and Clinical Health (HITECH) is part of

American Recovery and Reinvestment Act (ARRA) of 2009

The Meaningful Use mandate is part of

American Recovery and Reinvestment Act (ARRA) of 2009.

When a patient is transferred to another facility, access to the medical records by the receiving facility is no longer permitted under HIPAA.

False

When a patient refuses to sign a receipt of the NOPP, the facility will ask the patient to leave since they cannot treat the patient without a signature.

False

When registering a patient for outpatient or inpatient services, the office does not need to enter complete information prior to the encounter. It can be found out later.

False

Which federal government office is responsible to investigate HIPAA privacy complaints?

Office for Civil Rights

The purpose of Health Information Exchange (HIE) is to facilitate secure encrypted transport of health information between

Authorized providers treating the same pt.

Privacy of PHI includes

Both medical and financial records of patients.

Protected health information (PHI) includes

Both medical and financial records of patients.

The Medicare Electronic Health Record Incentive Program is part of Affordable Care Act (ACA) and is under the direction of

Centers for Medicare and Medicaid Services (CMS).

The adopted standard identifier for employers is the

EIN

One benefit of personal health records (PHR) is that

Each patient can add or adjust the information included in the record.

All four parties on a health claim now have unique identifiers.

False

All four type of entities written in the original law have been issued unique identifiers.

False

Any changes or additions made by patients in their Personal Health record are automatically updated in the Electronic Medical Record (EMR).

False

Covered entities who violate HIPAA law are only punished with civil, monetary penalties.

False

HIPAA allows disclosure of PHI in many new ways.

False

If a covered entity has disclosed some protected health information (PHI) in violation of HIPAA, a patient can sue the covered entity for damages.

False

Notice of Privacy Practices (NOPP) must be given to patients every time they visit the facility.

False

Prescriptions may only be picked up by the patient to protect the privacy of the individual's health information.

False

How can you easily find the latest information about HIPAA?

From Department of Health and Human Services website

The law Congress passed in 1996 mandated identifiers for which four categories of entities?

Health care providers, health plans, patients, employers

What are the three types of covered entities that must comply with HIPAA?

Health plans, health care providers, and health care clearinghouses

The Centers for Medicare and Medicaid Services (CMS) set up the ICD-9-CM Coordination and maintenance Committee to

Maintain a crosswalk between ICD-9-CM and ICD-10-CM.

What information is not to be stored in a Personal Health Record (PHR)?

Tax return information

If any staff member is found to have violated HIPAA rules, what is a possible result?

The incident retained in personnel file and immediate termination

A health care provider who is compliant with the Privacy and Security Rules of HIPAA has greatly improved protection against medical identity theft

True

Genetic information is

Unique information about you and the characteristics found in your DNA.

Meaningful Use program included incentives for physicians to begin using all but which of the following?

Voice mail messages

Enforcement of Health Insurance Portability and Accountability Act (HIPAA) is under the direction of

Wrong Answer: Centers for Medicare and Medicaid Services (CMS)

Physicians were given incentives to use "e-prescribing" under which federal mandate?

Wrong Answer: Centers for Medicare and Medicaid Services (CMS)

Which safeguard is not required for patients to access their Patient Portal

Wrong Answer: Encryption software

American Health Information Management Association (AHIMA) has found that the problems of complying with HIPAA Privacy Rule are mainly those that

account for the release of PHI

HIPAA requires that using unique identifiers

improve efficiency, effectiveness, and safety of the health care system.

Electronic messaging is one important means for patients to confer with their physicians. What platform is used for this?

patient portal

The long range goal of HIPAA and further refinements of the original law is

All of the above

Health Information Exchanges (HIE) are designed to allow authorized physicians to exchange health information. Which federal law(s) influenced the implementation and provided incentives for HIE?

All of these

Which government department did Congress direct to write the HIPAA rules?

Department of Health and Human Services

Questions other people have asked about HIPAA can be found by searching FAQ at

Department of Health and Human Services Web site.

Who is responsible to update and maintain Personal Health Records?

Patient

Reliable accuracy of a personal health record is limited

Since the electronic medical record (EMR) is the legal medical record kept by each provider who generated the record.

Enforcement of the unique identifiers is under the direction of

Wrong Answer: Office for Civil Rights

Filing a complaint with the government about a violation of HIPAA is possible

Wrong answer: by contacting your state's insurance commissioner.

Use of the EIN on a standard transaction is required

Wrong answer: to identify when an employee is enrolled or disenrolled in a health plan.

Including employers in the standard transaction

is necessary for Workers' Compensation claims and when verifying enrollment in a plan.

Congress passed HIPAA to focus on four main areas of our health care system. They are to

keep electronic information secure, keep all information private, allow continuation of health coverage, and standardize the claims process.

A result of this federal mandate brought increased transparency and better efficiency, and empowered patients to utilize the electronic health record of their physician to view their own medical records. This mandate is called

meaningful use

Health care providers set up patient portals to

Allow patients secure, encrypted access to their own medical record held by the provider.

The HITECH (Health information Technology for Economic and Clinical Health) mandates all health care providers adopt high standards of technology without any compensation for the cost to individual providers

False

The National Provider Identifier (NPI) issued by Centers for Medicare and Medicaid Services (CMS) replaces only those numbers issued by private health plans.

False

The Personal Health Record (PHR) is the legal medical record.

False

The new National Provider Identifier (NPI) has "intelligence" that allows you to find out the provider's specialty.

False

The unique identifier for employers is the Social Security Number (SSN) of the business owner.

False

Which federal government office is responsible to investigate non-privacy complaints about HIPAA law?

Office of E-Health Services and Standards

Genetic Information is now protected as all other Personal Health Information (PHI) with the passing of which federal law?

Omnibus Rule of 2013

What is the difference between Personal Health Record (PHR) and Electronic Medical Record (EMR)?

PHR can be modified by the patient; EMR is the legal medical record

Patients are given access to their physician's EMR to view their own records through a (an)

Patient portal

HIPAA seeks to protect individual PHI and discloses that information only when it is in the best interest of the patient.

True

HIPAA serves as a national standard of protection.

True

One process mandated to health care providers is writing prescriptions via e-prescribing.

True

One reason not to use the SSN for patient identifiers is that there is no check digit for verification of the number.

True.

Where is the best place to find the latest changes to HIPAA law?

Wrong Answer: Centers for Medicare and Medicaid Services (CMS) Website

What is the name of the format that allows other providers to access another physician's record of a patient?

Wrong Answer: Electronic Medical Record (EMR)

Which federal office has the responsibility to enforce updated HIPAA mandates?

Wrong Answer: Office for Civil Rights

The source documents for original federal documents such as the Federal Register can be found at

Wrong Answer: Office for Civil Rights Web site.

Strengthened restrictions on security redefineed the subcontractors of business associates who might have even incidental exposure to Personal Health Information (PHI) as

Wrong answer: Covered entities

Two of the reasons for patient identifiers are

Wrong answer: a. it has been written as law by HIPAA and the government will be better able to oversee health care.

What are the three covered entities that must comply with HIPAA?

Wrong answer: health plans, healthcare clearinghouse, health care providers.

In keeping with the "minimum necessary" policy, an office may leave

Wrong answer: only the doctor's office phone number on voicemail.

Standardization of claims allows covered entities to

Wrong answer: All of the above.

Which organization directs the Medicare Electronic Health Record Incentive Program?

centers for medicare and medicaid services

HIPAA in 1996 enacted security measures that do not need updating and are valid today as written.

false

When there is a difference in state law and HIPAA, HIPAA will always supersede the local or state law.

false

Funding to pay for oversight and compliance to HIPAA is provided by

federal income taxes.

Administrative Simplification means that all

health claims will be submitted on the same form.

Medical identity theft is

obtaining personal medical information for use in submitting false claims or seeking medical care or goods.

When visiting a hospital, clergy members are

receive a list of patients who have identified themselves as members of the same particular denomination.

Health plan identifiers defined for HIPAA are

the HPID (health plan identifier)


Related study sets

Cybersecurity Analyst (CSA+) - Practice Test

View Set

MKT Research Exam 2 - Mindtap Q's

View Set

French quiz comparative and superlative 2/27/17 (chapter 6)

View Set

mktg 371 chapter 10- buying and disposing

View Set

Properties of Gases and Equations

View Set

Chapter 5 Chemistry Test Balentine

View Set