RHIA Domain 2|133 Questions with Verified Answers,100% CORRECT

Document Content and Description Below

RHIA Domain 2|133 Questions with Verified Answers Legal Health Record - CORRECT ANSWER Formal business record to be utilized during legal procedings If privacy issues emerge... - CORRECT ANSWE ... R Determine source of problem and issue HIPAA training If patient is unable to sign... - CORRECT ANSWER Implied Consent Psychiatric patients may view records if physician determines... - CORRECT ANSWER Seeing record is not harmful to their condition or treatment Facility Directory - CORRECT ANSWER General Condition Acknowledgement of admission HIPAA's Expert Determination and Safe Harbor - CORRECT ANSWER Deidentification Log-in with standard ID and password - CORRECT ANSWER Access Control Standard Legal Hold - CORRECT ANSWER Special tracking of patient records involved in litigation to ensure no changes are made Security Risk Analysis First Consideration - CORRECT ANSWER Consider entity's characteristics and environment Audit Trail - CORRECT ANSWER Reconstructing electronic events Entity Authentication - CORRECT ANSWER Reads pre-determined criteria to ensure a user is who they claim to be Password systems Inherent Weakness of a Safeguard - CORRECT ANSWER Vulnerability Informed Consent - CORRECT ANSWER Risks and benefits of procedure Alternatives Description of procedure Done by phyisician Ensuring employees understand security measures - CORRECT ANSWER Workforce Security Awareness Training Provides entities with structural framework to build a HIPAA security plan - CORRECT ANSWER Security Risk Analysis Pre-Employment Physicals - CORRECT ANSWER Not protected by HIPAA bc part of personnel record HIPAA identifier that has not been implemented - CORRECT ANSWER Individual Preventing theft of PHI - CORRECT ANSWER Facility Access Controls Improved security of EHR - CORRECT ANSWER Access Controls Audit Trails Authentication Systems Designated Record Set - CORRECT ANSWER Includes records from other hospitals that were involved in episode of care decisions HIPAA Record Retention - CORRECT ANSWER 6 years Rendering PHI unreadable and unusable to unauthorized individuals - CORRECT ANSWER Encryption and Destruction Goal of HIPAA Administrative Simplification - CORRECT ANSWER Standardizing electronic transmission of health data Technology policies, protocols, and access controls - CORRECT ANSWER Technical Safeguards Patient Accounting of Disclosures - CORRECT ANSWER Must include disclosure requires patient authorization HIPAA Training - CORRECT ANSWER Privacy and security training should not be seperated Darling vs. Charleston Community Memorial Hospital - CORRECT ANSWER Hospital is responsible for the quality of care given by its physicians Not a Business Associate Under HITECH - CORRECT ANSWER Housekeeping Fundraising solicitations may not - CORRECT ANSWER Target a specific group or diagnosis Most Constant Threat to Health Information Integrity - CORRECT ANSWER Humans Device and Media Controls - CORRECT ANSWER Security breaches from lack of wiping data from devices Employee Physical - CORRECT ANSWER Should report family history unless specifically excluded Virtual Privacy - CORRECT ANSWER Private tunnel with Internet as transport medium for secure transmission Role-Based - CORRECT ANSWER Access determined by employee's job title and responsibilities Administrative Safeguard - CORRECT ANSWER More people-focused in nature Most of the safeguards Healthcare Integrity and Protection Data Bank - CORRECT ANSWER Legal action taken against healthcare provider Privileged Communication - CORRECT ANSWER Between patient and provider based on medical condition Privacy - CORRECT ANSWER Patient can maintain control over certain personal information Authorizations - CORRECT ANSWER Must be signed for every disclosure of PHI Consent - CORRECT ANSWER Sound mind or legal directive Deidentified - CORRECT ANSWER Not protected by HIPAA Privacy Rule NPP - CORRECT ANSWER Only informational Patients can not object to TPO uses Must inform patients of disclosures to foundations Patient Review of Records - CORRECT ANSWER Cannot dictate place bc org is responsible for integrity Privacy Rule Identifier - CORRECT ANSWER Vehicle License Plate PCP - CORRECT ANSWER Patients cannot deny PCP access to their records Office of Civil Rights - CORRECT ANSWER Oversight and enforcement of HIPAA Workforce - CORRECT ANSWER Perform functions on behalf of covered entities and business associates Includes volunteers and external orgs When federal and state law are different - CORRECT ANSWER Choose the stricter one Addressable Security Rule - CORRECT ANSWER Should be implemented unless an entity determines it is not reasonable and appropriate 500 days - CORRECT ANSWER DHHS secretary must be informed of breaches greater than this Workforce Security Standard Addressable Standards - CORRECT ANSWER Authorization and supervision Workforce clearance procedures Termination procedures Spoilation - CORRECT ANSWER Destroying a record outside of destruction standards and regulations PHR - CORRECT ANSWER In LHR when used by org to provide treatment Granting Privileges - CORRECT ANSWER Defining what services providers may perform Most Common Security Threat - CORRECT ANSWER Internal to org Employees viewing own record - CORRECT ANSWER Violates minimum necessary, Must follow standard procedure Regulation - CORRECT ANSWER From admin agency of govt Security Incident Procedure Standard - CORRECT ANSWER Identifying and responding to security events Redisclosure - CORRECT ANSWER Releasing docs originally created by another provider/facility Willful and Knowing HIPAA violation - CORRECT ANSWER $250,000, 10 yrs in jail PDSA - CORRECT ANSWER Inform patients they are entitled to advanced directive and document presence Advance Directive - CORRECT ANSWER Must be followed even if patient is declared incompetent after it is made Divorced Parents - CORRECT ANSWER Only one must consent Trigger - CORRECT ANSWER System response and notification Info Access Mgmt Standard - CORRECT ANSWER Controlling access to workstation, transaction, program, or process Utilization Review - CORRECT ANSWER Use for Operations Sending records to physician - CORRECT ANSWER Disclosure Custodian of Health Records - CORRECT ANSWER Testifies to authenticity of records Amendments cannot be made on records not in - CORRECT ANSWER DRS Automatic Session Terminations - CORRECT ANSWER Minimizes data breaches when computer is unattended Person or Entity Authentication Standard - CORRECT ANSWER No unit level password Minimum Necessary - CORRECT ANSWER Define what staff needs to complete their role ROIs must be responded to within - CORRECT ANSWER 30 days If patient private pays - CORRECT ANSWER Can restrict insurance info to info Contingency Planning - CORRECT ANSWER Disaster Recovery Planning Not redisclosure - CORRECT ANSWER If external and within DRS Private Endeavours - CORRECT ANSWER Physician needs business associate agreement with hospital If patient requests hybrid - CORRECT ANSWER Give both forms Saying name in waiting room - CORRECT ANSWER Not a HIPAA violation, but change process Social Security Number - CORRECT ANSWER Never show on documentation Accidental Deaths - CORRECT ANSWER Reported to medical examiner Documentation Retention Guidelines - CORRECT ANSWER Admin Safeguard HIPAA Security Rule - CORRECT ANSWER Ensure confidentiality, integrity, and availability UHCDA - CORRECT ANSWER Spouse, adult child, parent, adult sibling Accounting of Disclosures Timeframe - CORRECT ANSWER 3 years Respondeat Superior - CORRECT ANSWER Employer is responsible for employees negligence Job Shadowing - CORRECT ANSWER Only in areas with no PHI No Info in Directory - CORRECT ANSWER Deny requests bc that is difficult to manage and HIPAA violation can occur Revokes ROI after release - CORRECT ANSWER Protected by privacy rule QI - CORRECT ANSWER Protected from disclosure Documentation of Security Policies - CORRECT ANSWER Six years from effect HIPAA Record Charges - CORRECT ANSWER State formula Best-Of-Breed - CORRECT ANSWER Best from each vendor then interface Federated-Consistent Databases - CORRECT ANSWER HIE operates like ASP Best-Of-Fit - CORRECT ANSWER One vendor Person Identification - CORRECT ANSWER HIE matches info to individual Parallel Processing - CORRECT ANSWER Paper processing occurs until EHR works as planned Messaging Standards - CORRECT ANSWER Support communication between applications Normalization - CORRECT ANSWER Breaking data elements into detail to retrieve data Median - CORRECT ANSWER Based on whole distribution Infrared Light - CORRECT ANSWER Connecting portable devices to network Patient Portal - CORRECT ANSWER Secure communication with provider PHI - CORRECT ANSWER Relates to ones condition Releasing to another faculity - CORRECT ANSWER Minimum necessary does not apply Accounting of disclosures contains - CORRECT ANSWER Info from infectious reporting Privacy Rule - CORRECT ANSWER Will preempt state law with medical record charges Two Factor Authentication System - CORRECT ANSWER Password and Swipe Card Patient Limiting Disclosure - CORRECT ANSWER Must accept request but not agree to it Don't report HIPAA violation if - CORRECT ANSWER No hard copy info Reporting Requirements - CORRECT ANSWER Not for competent adults Duces Tecum - CORRECT ANSWER Compels recipient to bring records to a legal proceding Not signed by plaintiff and defendant Business Record Exception - CORRECT ANSWER Record does not constitute hearsay PHI Breach - CORRECT ANSWER Must tell types of unsecured PHI that were involved Accounting of Disclosures - CORRECT ANSWER Ex: faxed to the bank Training in PHI - CORRECT ANSWER Every member of workforce must attend Federal Rules of Civil Procedure - CORRECT ANSWER e-discovery rules changed Security Audit - CORRECT ANSWER Helps entity ensure that info is only being accessed for org purposes Security Rule - CORRECT ANSWER Provisions for access in emergency Biggest Risk of Breaches - CORRECT ANSWER Laptop Theft Protecting Data Privacy - CORRECT ANSWER Defending or safeguarding patient data Charging for PHI - CORRECT ANSWER To make a copy Chain of Trust Partner Agreements - CORRECT ANSWER Admin provision for security measures Confidentiality - CORRECT ANSWER Limiting disclosures Minor - CORRECT ANSWER Authorized to release venereal info Info Policy - CORRECT ANSWER Openness of comm w/in org Over telephone with police - CORRECT ANSWER No info Best Monitoring System - CORRECT ANSWER Random sample of each employee monthly Even if employer is paying - CORRECT ANSWER They need auth Married Minor - CORRECT ANSWER Can consent for self When on phone with hospital - CORRECT ANSWER Confirm with callback and give all info Stark Law - CORRECT ANSWER No physician self referral Right to PHI - CORRECT ANSWER For as long as it is maintained Authorization Management - CORRECT ANSWER Limiting user access [Show More]

Last updated: 2 years ago

Preview 1 out of 11 pages