HCISPP Sample Questions Answers

Data aggregation

Anonymous

Non-disclosed

Anonymized

Lister

Flemming

Koch

Roentgen

Information related to lawsuits again employers

Enrollment and claim information

Workman's Compensation claims

Deidentified information

Pull the file with the accounting of disclosures for the client

Explain that disclosures are allowed as long as the client's information is deidentified or the client consents

Refer the client to the agency's Privacy Officer

Review the client's releases of information with the client

Generalists earn lower incomes than specialists

Generalists practice resource-intensive medicine and generate lower overall health care expenditures

Generalists use less hospital and laboratory services

All of the above

Beliefs and values

Science and technology

Medical education

Economic growth

The Joint Commission

American Osteopathic Association

Community Health Accreditation Program ( CHAP)

White, non-Hispanic

Black, non-Hispanic

Hispanic

American Indian

True

False

AAPC

ACMCS

AHIMA

NCRA

Talking about consumers in public areas or where you can be overheard

Sharing your computer password with a new staff that does not have their own

Including PHI in an unecypted email via a public system

Keeping computer screens out of sight of others

None of the above

employer based

financed by the government

privately purchased

none of the above

There are no specific elements which must be included in a Business Associate Agreement. However some recommended but not compulsory elements are listed in 164.504(e) (2)

There are specific elements which must be included in a Business Associate Agreement. These elements are listed Privacy Legislation

There are no specific elements which must be included in a Business Associate Agreement.

There are specific elements which must be included in a Business Associate Agreement. These elements are listed in 164.504(e) (2)

Patients

Providers

Health insurance companies

The government

Document the system as high risk

Perform a vulnerability assessment

Perform a quantitative threat assessment

Notate the information and move on

No penalties

HIPPA calls for severe civil and criminal penalties for noncompliance, including: -- fines up to $25k for multiple violations of the same standard in a calendar year -- fines up to $250k and/or imprisonment up to 10 years for knowing misuse of individually identifiable health information.

HIPPA calls for severe civil and criminal penalties for noncompliance, includes: -- fines up to 50k for multiple violations of the same standard in a calendar year -- fines up to $500k and/or imprisonment up to 10 years for knowing misuse of individually identifiable health information

HIPPA calls for severe civil and criminal penalties for noncompliance, including: -- fines up to $100 for multiple violations of the same standard in a calendar year -- fines up to $750k and/or imprisonment up to 20 years for knowing misuse of individually identifiable health information

Determination that all staff will receive security training

Policy related to documentation of all security training

Procedural issues of who will terminate user access

Training on vulnerabilities of the electronic Protected Health Information policies

Ford Motor Company/Blue Cross

General Motors/Blue Cross

General Motors/Metropolitan life

Confidentiality

Release of information

Preemption

High risk patients pay relatively low premiums.

It provides affordable coverage to the chronically ill.

Young, healthier groups have cheaper premiums.

The elderly have among the lowest premiums.

Forbids individual health plans from denying coverage or imposing preexisting condition exclusions

Creates opportunities for fraud and abuse within the health care system

Requires the establishment of national standards for electronic health care transactions

Protects health insurance coverage for workers and their families

Coding and Abstracting

Incomplete Record Processing

Redcord Circulatoin

Decreased utilization of lower cost preventive services

Increased need for more expensive, emergency health care

The spread of infectious diseases

All of the above

Neighborhood health centers

Multispecialty group practices

Large "corporate" group practice organizations and networks

None of the above

improve access to care

develop formalized standards of care

separate financial and clinical decisions

focus on individual caregivers

The most costly

The least universal

Both a and b

Neither a or b

True

False

True

False

Standardization of electronic patient health, administrative and financial data

Unique health identifiers for individuals, employers, health plans, and health care providers.

Common health identifiers for individuals, employers, health plans and health care providers.

Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.

True

False

Primary care

Secondary care

Tertiary care

Both A and B

Academic standards of medical schools became much more rigorous

Many medical schools closed

Homeopathic schools sanctioned homeopaths as "physicians"

Only schools meeting the standards of LCME were able to award MD degrees

Clearinghouse

Client patient

Health practitioner

Third party

True

False

Business associates who access information by good faith, unintentional means and do not further disclose information

Unintentional, good faith access by employees of covered entities if the information was not further disclosed

If the information impacted less than 500 people within a single demographic area

Inadvertent disclosure made individual to individual within a covered entity who is authorized to access protected health information

Auditing

Anonymization

Privacy monitoring

Data retention

True

False

Medical Staff

Administration

Board of Trustees

There are numerous health plans, which is difficult for providers to handle

Payments are not standardized across health plans

Some healthcare services are covered for people in the north, but not in the south

Government programs required extensive documentation proving services were provided before paying providers

Renaissance

Ancient

Modern

Primary

Tertiary

Secondary

Longitudinality, or following a patient over time

Comprehensiveness

Coordination

All of the above

The inherent risk is greater than the residual risk.

The Annualized Loss Expectancy (ALE) approaches zero.

The expected loss from the risk exceeds mitigation costs.

The infrastructure budget can easily cover the upgrade costs.

Joint Commission

CMS

HIPPA

No, a client is not allowed to have access to any part of a mental health record, with or without psychotherapy notes

Generally, including conditioning enrollment in a plan on the client granting authorization for disclosure of psychotherapy notes

Yes, and client is entitled to all of the same information in both settings

Generally, psychotherapy notes are not included in the provision that allows clients to see and copy their health information

Reduction of administrative waste

Use of cost-effective analysis to limit care

Elimination of inappropriate care

Elimination of ineffective care

Owner’s ability to realize financial gain

Owner’s ability to maintain copyright

Right of the owner to enjoy their creation

Right of the owner to control delivery method

The rising cost of health care.

An increase in non-unionized jobs

A shift from manufacturing jobs to service industry jobs

All of the above

It was used to quarantine people who had contracted a contagious disease

It provided free medical care and drugs to ambulatory patients

It specialized in performing basic surgeries

It performed general welfare and custodial functions

Licensure

Regulation

True

False

Administration

Board of Trustees

Medical Staff

Medicare

Medicaid

Chips

Collecting security events and correlating them to identify anomalies

Facilitating system-wide visibility into the activities of critical user accounts

Encompassing people, process, and technology

Logging both scheduled and unscheduled system changes

Reduce administrative overhead in provider-payer transactions

Simplify administrative functions such as payroll and benefits

Create multiple forms for various transactions

Add more details to the processing of electronic transactions

Health care clearinghouses

Business associates

Covered entities

Personal health care vendors

Supply limits

Utilization management

Patient cost sharing

Aggregate unites of payment

Yes

No

Board of Trustees

Medical Staff

Administration

Limit both the number of surgeries they perform and the number of post operative visits they make.

Increase both the number of surgeries and the number of post operative visits.

Limit the number of surgeries and increase the number of post operative visits.

Increase the number of surgeries and limit the number of post operative visits.

Secrecy

Accountability

Anonymity

Complexity

Correct answer: Accountability

Urbanization

Educational reform

Science and technology

Dependency

licensing

Log-in monitoring

Information management

Workforce security

Termination procedures

Keeping fax machines in areas that are not generally accessible

Keeping consumer records and other documents containing PHI out of sight

Documents containing PHI do not need to be shredded

Keeping medical records rooms locked/secured

an increase in medical services also increases the quality of care because it provides greater access to care

minimal medical services is needed for increasing quality of care because it reduces misdiagnoses

medical services can be overused or underused which can both be detrimental to the quality of care

the quantity and quality of care are not related

Decrease health care costs

Create a more coordinated health care system

Establish a national health insurance program

Increase quality and years of healthy life

HIPPA status analysis

gap analysis

comparison analysis

stop-gap analysis

obtain a paper copy of the notice of information practices upon request inspect and obtain a copy of your health record as provided for in 45 CFR 164.524

request a restriction on certain uses and disclosures of your information outside the terms as provided by 45 CFR 164.522

amend your health record as provided in 45 CFR 164.528 obtain an accounting of disclosures of your health information as provided in 45 CFR 164.528

revoke your authorization to use or disclose health information except to the extent that action has already been taken

Fee-for-service reimbursement.

Per Diem payment.

Reimbursement by episode of illness.

Capitation payment.

The inherent risk is greater than the residual risk.

The Annualized Loss Expectancy (ALE) approaches zero.

The expected loss from the risk exceeds mitigation costs.

The infrastructure budget can easily cover the upgrade costs.

Attending physicians, nurses, and other healthcare professionals.

Health information managers, information systems staff, and other ancillary personnel only.

Anyone working in the facility.

Only staff that have direct patient contact.

It may serve to create unnecessary code complexity

It may not enforce job separation duties

It may create unnecessary application hardening

It may allow malicious code to be inserted

True

False

Though Employers are not CEs and they have to send enrollment using HIPPA standard transactions. However, the employer health plan IS a CE and must be able to conduct applicable transactions using the HIPPA standards

Employers are not CEs and do not have to send enrollment using HIPPA standard transactions. However, the employer health plan IS a CE and must be able to conduct applicable transactions using the HIPPA standards.

Employers are CEs and have to send enrollment using HIPPA standard transactions. However, the employer health plan IS a CE and must be able to conduct applicable transactions using the HIPPA standards.

Employers are CEs and do not have to send enrollment using HIPPA standard transactions. Further, the employer health plan IS also a CE and must be able to conduct applicable transactions using the HIPPA standards.

Minutes

Agenda

Committees

One

Three

Four

Two

The purpose of the disclosure

A description of what information was sent

Disclosures for treatment, payment, or health care operations

The dates of disclosure and to whom the information was sent

Penicillin

Bacteria

Cannon of Medicine

Contains all levels of care, from primary to tertiary

Provides the necessary staff for this full spectrum of care

Provides the necessary facility for all levels of care

All of the above.

Employer-based

Financed by the government

Privately purchased

None of the above

Aggregate it into one database in the US

Process it in the US, but store the information in France

Share it with a third party

Anonymize it and process it in the US

Health Information Manager

Cancer Registrar

Coder

Walkthrough

Simulation

Parallel

White box

Koch

Leeuwenhoek

Flemming

Aselli

True

False

True

False

its lack of organizational coherence

its tertiary care organization

its over reliance on primary care

its specialist orientation