SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
HIPAA
Start Test
Study First
Subjects
:
certifications
,
hipaa
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Deposition
must be reported to authorities by law
Invasion of Privacy Publishing
testimony under oath
malpractice
2. Disclosure without Consent
although medical records are confidential - there are times when they can be released w/o a patient consent.
Notice of Privacy Practices (NPP)
Minimum necessary
a service company that recieves electronic or paper claims from the provider - checks and prepares them for processing - and transmits them in HIPAA-complaint format to the correct carriers
3. The ability to control access and protect information from accidental or intentional disclosure to unauthorized persons and from altercation - destruction - or loss
Treatment - payment and health care operations (TPO)
U.S. goverment
Standard
security rule
4. Protected health information from which certain patient identifiers have been removed
a minor - rather than the parent - must sign the release of patient information
Standard
Limited data set
should only be used when no other - more secure mode of transmission is available
5. Treatment means that a health care provider can provide care; payment means that a provider can disclose PHI to be reimbursed; health care operations refers to HIPAA approved activities and transactions.
individuals such as cleaning staff and consultants who work in the office. These individuals do not need access to patient info but may come in contact while completing their duties
A court order requiring someone to appear in court on a certain date time and reason. A medical record could be subpoenaed.
Treatment - payment and health care operations (TPO)
safeguards health & wealthfare of Medicare/Medicaid beneficiaries & protect program integrity
6. Releasing patient information
concerned with mostly with h/c providers. It addresses fraud and abuse - administrative simplification and medical liability
Treatment - payment and health care operations (TPO)
individuals in their mid- to late teens who legally live outside of parents' or guardians' control
generally only patient can auth release of own medical record - there are a few exceptions
7. PII
Patient Identifiable Information
What types of disclosures do not require patient permission?
Health Insurance Portability and Accountability Act of 1996 (passed by congress because of portability problems - also to protect PHI)
U.S. Department of Health and Human Services (HHS; established national standards for HIPAA) - Centers for Medicare and Medicaid Services (CMS; enforce insurance portability and transaction/code set requirements) - Office for Civil Rights (OCR; enfor
8. Business Associate Agreements applies to...
U.S. Department of Health and Human Services (HHS; established national standards for HIPAA) - Centers for Medicare and Medicaid Services (CMS; enforce insurance portability and transaction/code set requirements) - Office for Civil Rights (OCR; enfor
law that permits a person w/ a legal age and sound mind to give their body to donation
Encryption
individuals such as cleaning staff and consultants who work in the office. These individuals do not need access to patient info but may come in contact while completing their duties
9. Common law
h/c workers --qualified people of organizations(perf. data processinf or transcript) -certain gov. auth. (pub health activities) -appropriate auth(protect vic. of abuse) -law enforcement officials or judicial orders
Encryption
judge made law from decisions of a court - interpretation of constitution and statuatory law - often known as precedents
De-Identified Information
10. TPO
treatment - payment - & healthcare operations
substance abuse treatment
the philosophical study of moral values and rules - conducts
De-Identified Information
11. Battery
illegal touching of another person
Verification
a minor - rather than the parent - must sign the release of patient information
located in a secured and private space
12. Medical records used for health care research
13. Sending information over electronic networks.
Electronic transmission
individuals in their mid- to late teens who legally live outside of parents' or guardians' control
Rule
Covered entities
14. Some state laws specifically protect __________. A patient would need to sign a specific request.
Security
human immunodeficiency virus/acquired immune deficiency syndrome (HIV/AIDS)
improper performance of an otherwise lawful act. civil
security rule
15. Fax Machines and HIPAA
Notice of Privacy Practices (NPP)
in order to maintain patient confidentiality - fax machines must be kept in areas not accessible to patients.
same legal standards apply to all patient records whether on paper or computer
Any information that would identify a patient (name - add - tele - DOB - SSN - email - med. rec. number - etc)
16. Professional Negligence
state law that protects healthcare professionals from liability when they provide emergency assistance/services within their scope of training
treatment - payment - & healthcare operations
malpractice
patient discharges doctor with letter - doctor formally withdraws from patient with a certified letter or patient no longer needs treatment
17. 4d's of negligence
Duty; duty of care - Derelict; breach of the duty of care - Direct cause; legally recognizable injury occurs as a result of breach of care - Damage; wrongful activity must have been the cause
malpractice
judge made law from decisions of a court - interpretation of constitution and statuatory law - often known as precedents
addresses portability of insurance coverage when employees change or lose their jobs
18. The person recieving treatment
Patient
a minor - rather than the parent - must sign the release of patient information
substance abuse treatment
in order to maintain patient confidentiality - fax machines must be kept in areas not accessible to patients.
19. In HIPAA language health plans - Health care clearinghouses - and all health care providers that transmit HIPAA standard transactions electronically are called covered entities. Hospitals - nursing homes - hospices - pharmacies - physician practices
Type of consent in which a patient who is unable to give consent is given treatment under the legal assumption that he or she would want treatment.
regular - in a secure location
Covered entities
Invasion of Privacy Publishing
20. The limited amount of patient information to be disclosed - depending on circumstances.
Minimum necessary
generally only patient can auth release of own medical record - there are a few exceptions
Insurance portability - administrative simplification - privacy and security
security rule
21. Libel
state law that protects healthcare professionals from liability when they provide emergency assistance/services within their scope of training
false and malicious writing about another
Examples of PHI
purpose - pride - patience - persistence - perspective
22. Advanced directives
Covered entities
allows patients to give directions to health care providers about treatment choices in circumstances in which the patient may no longer be able to provide that direction. There are two types: Living Will and Durable Power of Attorney
h/c workers --qualified people of organizations(perf. data processinf or transcript) -certain gov. auth. (pub health activities) -appropriate auth(protect vic. of abuse) -law enforcement officials or judicial orders
Designated record set
23. IIHI
Notice of Privacy Practices
have a unique password and it should be changed frequently
Individually Identifiable Health Information
Psychotherapy notes - information for legal proceedings - information exempted from disclosure under CLIA
24. Disabilities act
25. Policies and procedures use to protect electronic information from unauthorized access
also called biomedical ethics - the moral dilemmas and issues of advanced medicine and medical research
Security
Patient
Psychotherapy notes - information for legal proceedings - information exempted from disclosure under CLIA
26. OIG - Office of the Inspector General
Treatment - payment and health care operations (TPO)
safeguards health & wealthfare of Medicare/Medicaid beneficiaries & protect program integrity
The body of laws made by states is their own statutory laws
need to know
27. Confidentiality
28. Title I of HIPAA
addresses portability of insurance coverage when employees change or lose their jobs
failure to act with the standard of care that a reasonable person would exercise under the same circumstances
Encryption
regular - in a secure location
29. Who regulates HIPAA?
Patient
U.S. Department of Health and Human Services (HHS; established national standards for HIPAA) - Centers for Medicare and Medicaid Services (CMS; enforce insurance portability and transaction/code set requirements) - Office for Civil Rights (OCR; enfor
treatment - payment - & healthcare operations
U.S. goverment
30. Hardware or software designed to prevent unauthorized access to electronic information.
Firewalls
Patient rights under HIPAA
false and malicious writing about another
should only be used when no other - more secure mode of transmission is available
31. Patient records are _____________ so not all staff will have access.
Covered entities
need to know
Firewalls
Duty; duty of care - Derelict; breach of the duty of care - Direct cause; legally recognizable injury occurs as a result of breach of care - Damage; wrongful activity must have been the cause
32. Criminal law
De-Identified Information
Type of consent in which a patient who is unable to give consent is given treatment under the legal assumption that he or she would want treatment.
testimony under oath
law concerned with public wrongs against society
33. Medical records can be released w/o consent to...
a contract that comes about from the actions of the parties rather than words
failure to act with the standard of care that a reasonable person would exercise under the same circumstances
h/c workers --qualified people of organizations(perf. data processinf or transcript) -certain gov. auth. (pub health activities) -appropriate auth(protect vic. of abuse) -law enforcement officials or judicial orders
judge made law from decisions of a court - interpretation of constitution and statuatory law - often known as precedents
34. Data must be backed up at ___________ and those back-up files should be stored ________.
Permission
A written set of questions requiring written answers from a plaintiff or defendant under oath
purpose - pride - patience - persistence - perspective
regular - in a secure location
35. Name - address - date of birth - phone/fax numbers - social security number - medical record number - and photographs - nursing and physician notes - billing and other treatment records used during a patient's visit in a hospital or office.
should never be released w/o a patient's signed consent or court order
Medical data from which individual identifiers have been removed; also known as a redacted or blinded record.
Examples of PHI
Patient Identifiable Information
36. NPP
same legal standards apply to all patient records whether on paper or computer
Notice of Privacy Practices
Minimum necessary
human immunodeficiency virus/acquired immune deficiency syndrome (HIV/AIDS)
37. Clearinghouse
a service company that recieves electronic or paper claims from the provider - checks and prepares them for processing - and transmits them in HIPAA-complaint format to the correct carriers
Electronic transmission
Insurance portability - administrative simplification - privacy and security
Transaction
38. All persons who will have access are required to...
have a unique password and it should be changed frequently
Malfeasance
state laws setting time limit for bringing a lawsuit
Limited data set
39. Statue of limitations
Limited data set
U.S. goverment
state laws setting time limit for bringing a lawsuit
testimony under oath
40. Good samaritan law
state law that protects healthcare professionals from liability when they provide emergency assistance/services within their scope of training
Every office should have one! - responsible for making surethat thise office is HIPAA compliant - privacy officer should be.. an effective communicator with ability to answer questions about sespected HIPPA violations and complaints
individuals in their mid- to late teens who legally live outside of parents' or guardians' control
malpractice
41. Uniform anotomical gift act
A written set of questions requiring written answers from a plaintiff or defendant under oath
law that permits a person w/ a legal age and sound mind to give their body to donation
concerned with mostly with h/c providers. It addresses fraud and abuse - administrative simplification and medical liability
regular - in a secure location
42. Unlawful act done without permission.
substance abuse treatment
Every office should have one! - responsible for making surethat thise office is HIPAA compliant - privacy officer should be.. an effective communicator with ability to answer questions about sespected HIPPA violations and complaints
addresses portability of insurance coverage when employees change or lose their jobs
Malfeasance
43. If a states privacy laws are stricter than HIPAA privacy standards - the state laws take precedence.
Electronic Protected Health Information
Health Insurance Portability and Accountability Act of 1996 (passed by congress because of portability problems - also to protect PHI)
State preemption
need to know
44. Electronic exchanges of information between two covered-entity business partners using HIPAA mandated transaction standards.
a contract that comes about from the actions of the parties rather than words
What types of disclosures do not require patient permission?
Covered transactions
Covered entities
45. Guidelines and standards made by government agencies and licensing boards that have the authority to enforce compliance
regular - in a secure location
Regulations
Individually Identifiable Health Information
Permission
46. Transmission of information between two parties fro financial or administrative activities.
Transaction
Code sets
Patient Identifiable Information
individuals such as cleaning staff and consultants who work in the office. These individuals do not need access to patient info but may come in contact while completing their duties
47. Any set of codes use to encode health care data elements.
state law that protects healthcare professionals from liability when they provide emergency assistance/services within their scope of training
safeguards health & wealthfare of Medicare/Medicaid beneficiaries & protect program integrity
Code sets
What types of disclosures do not require patient permission?
48. 5P's of ethical power
purpose - pride - patience - persistence - perspective
Examples of PHI
Patient rights under HIPAA
false and malicious writing about another
49. HIPAA compliance mandates that computer systems must be...
Every office should have one! - responsible for making surethat thise office is HIPAA compliant - privacy officer should be.. an effective communicator with ability to answer questions about sespected HIPPA violations and complaints
state laws setting time limit for bringing a lawsuit
located in a secured and private space
Electronic data interchange
50. Titile II of HIPAA
De-Identified Information
must be reported to authorities by law
concerned with mostly with h/c providers. It addresses fraud and abuse - administrative simplification and medical liability
safeguards health & wealthfare of Medicare/Medicaid beneficiaries & protect program integrity
