Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

HIPAA HIO-201 - Certified HIPAA Professional

HIPAA HIO-201 Premium Access     Download Demo    
Page: 3 / 5
Total 160 questions

Individually identifiable health information (IIHI) includes information that is:

A.

Transmitted to a business associate for payment purposes only.

B.

Stored on a smart card only by the patient.

C.

Created or received by a credit company that provided a personal loan for surgical procedures.

D.

Created or received by a health care clearinghouse for claim processing.

E.

Requires the use of biometrics for access to records.

In an emergency treatment situation, a health care provider:

A.

Must obtain the signature of the patient before disclosing PHI to another provider.

B.

Must contact a relative of the patient before disclosing PHI to another provider.

C.

May use their best judgment in order to provide appropriate treatment.

D.

May use PHI but may not disclose it to another provider.

E.

Must inform the patient about the Notice of Privacy Practices before delivering treatment.

A doctor is sending a patient's lab work to a lab that is an external business partner. The lab and the doctor's staff are all trained on the doctor's Privacy Practices. The doctor has a signed Notice from the patient. In order to use or disclose PHI, the lab MUST:

A.

Request that the patient sign the lab's Notice of Privacy Practices.

B.

Do nothing more - the activity is covered by the doctor's Notice of Privacy Practices.

C.

Obtain a specific authorization from the patient

D.

Obtain a specific authorization from the doctor.

E.

Verify that the doctor's Notice of Privacy Practices has not expired.

Policies and procedures that address the final disposition of electronic PHI (including the media on which is stored) is address by this required implementation specification.

A.

Media Re-use

B.

Termination Procedures

C.

Risk Management

D.

Maintenance Records

E.

Disposal

Which of the following is primarily concerned with implementing security measures that are sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.

A.

Access Establishment and Modification

B.

Isolating Health care Clearinghouse Functions

C.

Information System Activity Review

D.

Risk Management

E.

Risk Analysis

The National Provider File (NPF) includes information such as:

A.

Effective date.

B.

CPT-4.

C.

CDT.

D.

ICD-9-CM.

E.

Enrollment date.

HIPAA Security standards are designed to be:

A.

Technology specific

B.

State of the art

C.

Non-Comprehensive

D.

Revolutionary

E.

Scalable

This implementation specification might include actions such as revoking passwords, and collecting keys

A.

Sanction Policy

B.

access Authorization

C.

Facility Security Plan

D.

Termination Procedures

E.

Unique User Identification

HIPAA transaction standards apply to:

A.

Employee drug tests.

B.

Health component of auto insurance.

C.

Stored health information data.

D.

Eligibility inquiries.

E.

Non-reimbursed employee medical expenses.

Select the correct statement regarding the responsibilities of providers and payers under HIPAA's privacy rule.

A.

Optionally, they might develop a mechanism of accounting for all disclosures of PHI for purposes other than TPO.

B.

They must redesign their offices, workspaces, and storage systems to afford maximum protection to PHI from intentional and unintentional use and disclosure.

C.

They must develop methods for disclosing only the minimum amount of protected information necessary to accomplish any intended purpose

D.

They must obtain a "top secret" security clearance for all member of their workforce

E.

They must identify business associates that need to use PHI to accomplish their function and develop authorization forms to allow PHI to be shared with these business associates