Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
Don't know
remaining cards
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Health Informatics

All Quizes

Medication record is sometimes called a medication administration record T
AHIMA is a major accrediting agency for health care organizations in the United States F
The progress notes contain the results of tests conducted on body fluids, cells, and tissues. F
Operative report sums the hospital stay including reason for admission, significant findings from tests, procedures performed, therapies provided, responses to treatments, condition at discharge & instructions for medications activity diet & followup care F
An attending Physician is a clinician who is primarily and largely responsible for the care of the patient from the beginning of the hospital episode T
The first uniform bill was the CMS-1500 F
Telemedicine is the use of telecommunications for the clinical care of patients and may involve various types of electronic delivery mechanisms T
An electronic health record is an electronic record of health-related information on an individual that can be created, gathered, managed, and consulted by authorized clinicians and staff within one healthcare organization F
The CMS-1500 is submitted for inpatient, hospital-based outpatient, home health care, and long term care services F
The UB-04, or CMS-1450 is submitted for health care provider services, such as those provided by a physician's office F
The World Health Organization (WHO) publishes an updated Current Procedural Terminology (CPT) each year F
Trauma and tumor registries are special registries that often involve data collection beyond that done for the patient medical record and patient billing process T
The stated purpose for developing Current Procedural Terminology (CPT) was to provide a uniform language for describing medical and surgical services T
Registers are lists that generally contain the names, and sometimes other identifying information, of patients seen in a particular area of the health care facility T
The CMS is a ten-position, "intelligence-free" numeric identifier, that does not carry any additional information about the health care provider to which it is assigned, such as the state in which the provider works or the provider's medical specialty. F
The following are purposes of patient records, EXCEPT: a)Research and quality management b)Legal documentation c)Advertising d)Communication C
The following are contents of patient records, EXCEPT: a)History and physical b)Consultation c)Discharge summary d)UB-04 D
The following are sources of comparative data for health care managers, EXCEPT: a)Patient satisfaction b)Hospital awards c)Practice patterns d)Clinical indicators B
It is generally the first report or screen a user will encounter when accessing a patient record. a)Problem list b)Identification sheet c)History and physical d)Physician's orders B
The following are key purpose why health care organizations maintain medical records, EXCEPT: a)Communication b)Patient care c)Quality standards testing d)Legal documentation C
Which of the following is the oldest uniform data set used in the United States. a)Ambulatory Care Data Set(ACDS) b)Minimum Data Set(MDS) c)Uniform Hospital Discharge Data Set(UHDPS) d)Maximum Health Data Set (MHDS) C
It is a unique identification number for each HIPPA-covered health care provider. a)CMS b)UB-04 c)NPI d)UB-92 C
Health care information is which of the following: a)Unprocessed data b)Unprocessed health care data c)Unterpreted health care data d)Processed health care data D
It is seen by some as the highest level in a hierarchy with data at the bottom and information in the middle. a)Information b)Wisdom c)Knowledge d)Processed data C
The following are random causes of health care data quality, EXCEPT: a)Lack of motivation b)Typing errors c)Programming errors d)Frequent personnel turnovers C
The process of comparing one or more outcome measures against a standard is called. a)Benchmarking b)Balanced score cards c)Outcome measures d)Clinical value compass A
The categories of statistics that are routinely gathered for health care executjves or others include the following: a)Census statistics b)Discharge statistics c)BothA&B d)None of the above C
... the main sources of the data that go into the literally hundreds of aggregate reports or queries that are developed & used by providers EXCEPT: a)Hospital quality standards data b)Discharge data sets c)Uniform billing information d)Patients reports C
Which of the following is a federally mandated standard assessment tool that is used to collect demographic & clinical information about long-term care facility residents? e)Ambulatory Care DS f)Uniform Hospital Discharge DS g)Minimum DS h)Acute Care DS G
The following are common components of most patient records, EXCEPT: a)Medication record b)Billing summary c)Physician's orders d)Discharge summary B
The Joint Commission divides health information into the following categories, EXCEPT: a)Patient-specific data & information b)Aggregate data & information c)Knowledge-based information d)Comparative data & information e)Location based data & information E
To meet the definition of PHI, information must first of all be which of the following? a)Secure b)Concise c)Identifiable d)Complete C
HIPAA refers to PHI as this type of information a)Private health information b)Personal health information c)Protected health information d)Privileged health information C
Patient satisfaction data usually comes from which of the following? a)Health plans b)Practice patterns c)Data sets d)Survey data D
Knowledge is defined as a combination of the following, EXCEPT: a)Rules b)Opinions c)Ideas d)Experiences B
There are two basic types of software; system and application software T
Machine languages are the oldest computer programming languages T
SQL (Structured Query Language) is an example of the 4th generation language T
The operating system is the most important component of system software and is loaded when a computer is turned on T
Data encryption software is an example of an interface engine T
Object-oriented programming allows developers to see the final visual appearance of an application such as buttons, scroll down menus, and windows as they develop the application F
System Developmental Life Cycle (SDLC) is comprised of 5 different phases F
System acquisition begins once the organization has acquired the system and continues through the early stages following the go-live date F
The system acquisition phase can last anywhere from a few days to a couple of years depending on the organization's size, structure, complexity, and needs T
Implementation and support and evaluation are part of system acquisition F
The design phase focuses primarily on the business problem, or the organization's strategy, independent of any technology that can or will be used F
System design is the evaluation of alternative solutions to address the business process T
Data mining is an advanced form of decision support T
Bluetooth is the most popular local area network (LAN) technology in use today F
The most commonly adopted network communication protocol is the Internet model, which employs transmission control protocol/internet protocol (TCP/IP) T
Network media is another name for the capacity of a transmission medium F
System acquisition is the longest phase in a system's life cycle F
The support and evaluation phase begins once the system is put into operation T
Training is an essential component of any new system implementation T
An RFI (Request for Information) is considerably shorter than a RFP (Request for Proposal T
Microsoft® Windows, Mac OS and UNIX are examples of open-source software F
File transfer protocol (FTP) allows point-to -point transfer of files from one computer to another T
Email is one of the most popular uses of the intemet which utilizes common protocols such as simple mail transfer protocol (SMTP), post office protocol 3 (POP3) and internet message access protocol (IMAP) T
System implementation refers to the process that occurs from the time the decision is made to select a new system until the time a contract has been negotiated and signed F
After the contract has been finalized, or the system has been chosen, the third phase or evaluation and support begins F
Which of the following is an example of an operating system: a)Adobe Photoshop b)Corel Paint Shop Pro 5 c)Microsoft Windows 7 d)Microsoft Office 2010 C
A LAN is also known as a: a)Linear area network b)Local area network c)Long access node d)Light access network B
It is the longest phase in a system's life-cycle: e)Planning and analysis f)Design g)Implementation h)Support and evaluation H
The primary focus is on the business problem: a)Planning and analysis b)Design c)Implementation d)Support and evaluation A
Bandwidth transmission rates are expressed as: a) Feet per second (fps) b) Teraflop of data (tod) c) Bits per second (bps) d) Linear feet per second (lfps) C
Which of the following is NOT a quality of a system champion? a)Strong communication b)Listening skills c)Good follower d)Willing to assist with pilot testing C
Refers to a computer network that is internal to an organization and that uses Internet technologies a) Extranet b) Web2 c) Intranet d) Internet C
Which of the following network media transmits cable television signal? a)Twisted pair wire b)Coaxial cable c)Microwaves d)Spread spectrum B
Which of the following in an example of an output device? a)Keyboard b)Mouse c)Bar-code scanner d)Printer D
Which of the following is NOT an example of an unintended consequence: a)High productivity b)Emotions c)Power shifts d)More work or new work A
A simple way to distinguish the two primary classes of health care information is by purpose and the type of data they contain T
An administrative information system contains clinical or health-related information used by providers in diagnosing and treating a patient and monitoring that patient's care F
It was in the mid-1980s that President Lyndon Johnson signed into law Medicare and Medicaid F
DRGs is an acronym for disease related groups F
A "specialist or consultant" was viewed as the gatekeeper and assumed a pivotal role in the management of the patient's care F
HIPAA- Health Information Portability and Accountability Act F
Often in current management literature the terms information system and information technology are used interchangeably T
Patient billing or accounts receivable are common examples of a clinical application system F
Turnkey systems allow hospitals to share the use of a mainframe with other hospitals F
Mainframe computers are smaller and more powerful than minicomputers F
The ICD-9-CM classification system is derived from the ICD, 9th Revision, which was developed by the CDC and Prevention to capture disease data F
DRGs are the basis for determining appropriate inpatient reimbursements for Medicare, Medicaid, and many other health care insurance beneficiaries T
The RBRVS (resource-based relative value scale) factored provider time, effort, and degree of clinical decision making into relative value units T
The Hospital Survey and Construction Act of 1946 is also known as the Hill-Burton Act T
Centralized computing meant that end users entered data through "smart terminals", which were connected to a remote computer, the mainframe, where the data were processed F
An information system (IS) is an arrangement of the following, EXCEPT: a)Information (data) b)Processes c)People d)Concepts D
In health care, the organization is the following, EXCEPT: a)Rural health clinic b)Physician practice c)Insurance company d)Nursing home C
Which of the following is one of the two primary classes of health care information system? a)Clinical b)Pharmaceutical c)Financial d)Rehabilitation A
The following are common types of clinical information systems, EXCEPT: a)Radiology information b)Nursing documentation c)Scheduling d)Laboratory information C
Non-modifiable software systems which were developed by a vender and installed on a hospital's computer: a)Shared systems b)Mainframe computers c)Turnkey systems d)Minicomputers C
Advent of the Internet: a)1980s b)1970s c)1960s d)1990s D
Which U.S. president signed into law the HIPPA Health Insurance Portability and Accountability Act? a)George Bush b)Ronald Reagan c)Barak Obama d)William Clinton D
The Internet was historically created and initially used by: a)Academic centers b)Large medical centers c)DARPA Defense Advanced Research Project Agency d)CMS Center for Medicare & Medicaid Services C
ICD-9-CM codes were primarily based from which data groups? a)CPT b)HCPCS c)DRGs d)SNOMED-CT C
Which of the following federal programs was signed into law that provided guaranteed health care benefits to the long-term disabled? a)Hill-Burton Act b)HIPAA c)Hospital Survey and Construction Act d)Medicare and Medicaid Act D
Enactment of Medicare and Medicaid: a)1960s b)1970s c)1980s d)1990s A
Advent of the local area networks (LAN): a)1960s b)1970s c)1980s d)1990s C
Era HIPAA was signed into law: a)1960s b)1970s c)1980s d)1990s D
Which of the following was not a requirement of the Hill-Burton Act? e)Non-discriminatory f)Provide reasonable volume of free care g)Matching funds from state and local municipality h)Participation in HIPAA H
Which Act was designed to make health insurance more affordable, accessible, and provide measures to protect the confidentiality of health information? a)Medicare and Medicaid Act b)Hill-Burton Act c)HIPAA d)HITECH Act C
An electronic record of health-related information on an individual that can be created, gathered, managed, and consulted by authorized clinicians and staff in one health care organization. Electronic Medical Record (EMR)
An electronic record of health-related infor on an individual that conforms to nationally recognized interoperability standards & that can be created, managed, & consulted by authorized clinicians & staff across more than one health care organization Electronic Health Record (EHR)
An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be drawn from multiple sources while being managed, shared, and controlled by the individual. Personal Health Record (PHR)
an error in the process of ordering, dispensing, or administering a medication, whether or not an injury occurs and whether or not the potential for injury is present. MEDICATION ERROR
an injury resulting from the use of a drug, a use that may or may not have involved a medication error. ADVERSE DRUG EVENT
A computer application that accepts physician orders electronically, replacing handwritten or verbal orders and prescriptions. CPOE
Studies have shown that about half of medication errors occur during the ordering process MEDICATION ADMINISTRATION SYSTEMS
The use of medical information exchanged from one site to another via electronic communications to improve patients’ health status. A tool that enables providers to deliver health care services to patients at distant locations. Telemedicine
Store & Forward and anotheroTwo-Way Interactive Videoconferencing Telemedicine two kinds of Delivery methods
Refers to a broader view of remote health care, one that does not always involve the provision of clinical services, which is the province of telemedicine Use of technology to access remote health information, diagnostic images, and education Telehealth
5 MAJOR REIMBURSEMENT APPROACHES Payment differentials; Cost differentials; Innovative reimbursement; Shared Risk; Combined programs
intentional or unintentional human tampering HUMAN THREATS
floods, fires, and power outages NATURAL AND ENVIRONMENTAL THREATS
hard drive failure with no backup TECHNOLOGY MALFUNCTIONS
lack of training in proper use of the system orhuman error. When users share passwordsor download information from a non-secure Internet site. Unintentional Threats
are far more common than external breaches Caused by employees Internal Threats
caused by individuals outside of the organization External Threats
Protected Health Information PHI
Protected health information maintained or transmitted in electronic form ePHI
must be implemented by a CE for that organization to be in compliance REQUIRED HIPAA Security Rule
Implements the specification as stated or Implements an alternative security measure to accomplish the purposes of the standard or specification or Chooses not to implement anything, provided it can demonstrate that the standard can still be met ADDRESSABLE HIPAA Security Rule
this standard requires the CE to implement policies and procedures to prevent, detect, contain, and correct security violations Security management functions ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
Risk analysis; Risk management; Sanction policy; Information system activity review Security management functions example
it requires the CE to identify the individual responsible for overseeing development of the organization’ security policies and procedures Assigned security responsibility ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
requires the CE to implement policies and procedures to ensure that all members of its workforce have appropriate access to ePHI and to prevent those workforce members who do not have access from obtaining access. Workforce security ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
Authorization and/or supervision; Workforce clearance procedure; Termination procedures Workforce security examples
requires the CE to implement policies and procedures for authorizing access to ePHI Access authorization & Access establishment and modification Information access management ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
Data backup plan; Disaster recovery plan; Emergency mode operation plan; Testing and revision procedures; Application and data criticality analysis Contingency plan ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
requires the CE to implement awareness and training programs for all members of the workforce Security awareness and training ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
requires the CE to implement policies and procedures to address security incidents Security incidence reporting ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
requires the CE to periodically perform technical and nontechnical evaluations in response to changes that may affect the security of ePHI Evaluation ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
outlines the conditions under which a CE must have a formal agreement with business associates in order to exchange ePHI Business associate contracts and other arrangements ADMINISTRATIVESAFEGUARDSSECTION(9 STANDARDS)
requires the CE to implement policies and procedures to limit physical access to its electronic information systems and the facilities in which they are housed to authorized users Facility access control SECURITYRULEPHYSICALSAFEGUARDSSECTION(4 STANDARDS)
Contingency operations; Facility security plans; Access control and validation; Maintenance records Facility access control examples
requires the CE to implement policies and procedures that specify proper functions to be performed and the manner in which those functions are to be performed on a specific workstation or class of workstations that can be used to access ePHI Workstation use SECURITYRULEPHYSICALSAFEGUARDSSECTION(4 STANDARDS)
requires the CE to implement physical safeguards for all workstations that are used to access ePHI and to restrict access to authorized users Workstation security SECURITYRULEPHYSICALSAFEGUARDSSECTION(4 STANDARDS)
requires the CE to implement policies and procedures for the movement of hardware and electronic media that contains ePHI into and out of a facility and within a facility Device and media controls SECURITYRULEPHYSICALSAFEGUARDSSECTION(4 STANDARDS)
Disposal; Media reuse; Accountability; Data backup and storage Device and media controls examples SECURITYRULEPHYSICALSAFEGUARDSSECTION(4 STANDARDS)
technical policies & procedures for electronic information systems that maintain ePHI in order to allow access only to those persons or software programs that have been granted access rights as specified in the administrative safeguards. Access control SECURITYRULETECHNICALSAFEGUARDSSECTION(5 STANDARDS)
Unique user identification; Emergency access procedure; Automatic log-off; Encryption and decryption Access control examples
requires the CE to implement hardware, software, and procedures that record and examine activity in the information systems that contain ePHI. Audit controls SECURITYRULETECHNICALSAFEGUARDSSECTION(5 STANDARDS)
requires the CE to implement policies and procedures to protect ePHI from improper alteration or destruction. Integrity SECURITYRULETECHNICALSAFEGUARDSSECTION(5 STANDARDS)
requires the CE to implement procedures to verify that a person or entity seeking access to ePHI is in fact the person or entity claimed. Person or entity authentication SECURITYRULETECHNICALSAFEGUARDSSECTION(5 STANDARDS)
requires the CE to implement technical measures to guard against unauthorized access to ePHI being transmitted across a network. Integrity controls & Encryption Transmission security SECURITYRULETECHNICALSAFEGUARDSSECTION(5 STANDARDS)
requires the CE to establish and implement policies and procedures to comply with the standards, implementation specifications, and other requirements Policies and procedures POLICIES, PROCEDURES& DOCUMENTATIONSECTION(2 STANDARDS)
requires the CE to maintain the policies and procedures implemented to comply with the Security Rule in written form. Time limit; Availability; Updates Documentation POLICIES, PROCEDURES& DOCUMENTATIONSECTION(2 STANDARDS)
Risk Analysis Process Boundary definition; Threat identification; Vulnerability identification; Security control analysis; Risk likelihood determination; Impact analysis; Risk determination; Security control recommendations
involves protecting the actual computer hardware, software, data, & information from physical damage or loss due to natural, human, or environmental threats. Assigned Security Responsibility; Media controls; Physical access controls; Workstation security PHYSICAL SAFEGUARDS
only individuals with a need to know should have access to patient-identifiable health information. Control over access to health data may involve any of the following methods: User-based access Role-based access Context-based access ACCESS CONTROLS
is an effective means of controlling who gains entry to a health care information system only when there is a system for ensuring the identity of the individual attempting to gain access ENTITY AUTHENTICATION
a record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Individual accountability Reconstructing electronic events Problem monitoring Intrusion detection AUDIT TRAILS
is used to ensure that data transferred from one location on a network to another are secure from anyone eavesdropping or seeking to intercept them.Cryptography: is the study of encryption and decryption techniques Public Key Infrastructure DATAENCRYPTIONS
Data before any encryption has taken place Plaintext
Computer program that converts plaintext into an enciphered form Encryption Algorithm
Data after the encryption algorithm has been applied Ciphertext
Unique data that are needed both to create the ciphertextand to decrypt the ciphertextback to the original message Key
is “a system or combination of systems that supports an access control policy between two networks” FIRE WALL PROTECTION
is an important component of a health information security program. Virus attacks are very common an can cause extensive damage and loss of productivity. Computer viruses come in many different varieties. VIRUS CHECKING
3 MAIN CATEGORIES OF STANDARDS -Classification, vocabulary, and terminology standards – Data interchange standards – Health record content standards
Ad hoc. A standard is established by the ad hoc method when a group of interested people or organizations agrees on a certain specification, without any formal adoption process STANDARDS DEVELOPMENT PROCESS
Arises when a vendor or other commercial enterprise controls such a large segment of the market that its product becomes the recognized norm. De facto
Established when the government mandates that the health care industry adopt them. Government mandate
Consensus-based standards come about when representatives from various interested groups come together to reach a formal agreement on specifications. (American National Standards Group) Consensus
developed by the College of American Pathologists (CAP) is a comprehensive clinical vocabulary designed to encompass all the terms used in medicine, including procedures and diagnosis. Systematized Nomenclature of Medicine Clinical Terms (SNOMED-CT)
is a set of universal terms and codes used for the electronic exchange of laboratory results and clinical observations. The LOINC standard allow results from different labs to be recognized and understood regardless of their origin. Logical Observation Identifiers Names and Codes (LOINC)
U.S. National Library of Medicine’s reference database for medical vocabularies which was originally developed to suggest translations among terminologies but now it also serves and the major thesaurus of medical terms. Unified Medical Language System (UMLS)
code that uses the digits 0 through9 and the letters A to H, J to N, and P to Z. This system provides greater specificity and as a result, information can be captured at a very detailed and thorough level. ICD-9 and ICD-10 – ICD-9
developed and maintained by AMA, is a listing of descriptive terms and identifying codes for reporting medical services and procedures performed by health care providers in outpatient settings. Current Procedural Terminology (CPT)
contains codes for products, supplies, and certain services not included in CPT. The HCPCS codes are maintained by CMS. HEALTHCARE COMMON PROCEDURE CODING SYSTEM (HCPCS)
used to send data from one application (laboratory system) to another (EHR) Health Level Seven (HL7)
enables the exchange o information between imaging systems and allows access to the images from remote locations Digital Imaging and Communications in Medicine (DICOM)
used for exchanging prescriptions information National Council for Prescription Drug Program (NCPDP)
provide communication between medical devices The Institute of Electrical and Electronics Engineers 1073 (IEEE1073)
specify the functional content of an information system EHR Content Standard
a standard which has been approved by the American National Standards Institute (ANSI), lists critical features and functions contained in an EHR system. EHR Systems Functional Model (EHR-S-FM) – HL7 release EHR Content Standard
There are approximately 1000 criteria across 130 functions, including problem lists, clinical decision support, and privacy and security EHR Content Standard
– The EHR-S-FM standard was used as the framework for the CCHIT development of EHR product certification criteria EHR Content Standard
Federal Initiatives on Health Care IT Standards HIPAA – Centers for Medicare & Medicaid e-Prescribing – Office of the National Coordinator for Health Information Technology (ONC)
Process that gives a facility legal approval to operate LICENSURE
Certification gives a health care organization the authority to participate in the federal Medicare and Medicaid programs. CERTIFICATION
Centers for Medicare and Medicaid Services developed a set of minimum standards known as the Conditions of Participation (CoPs)
An external review process that an organization elects to undergo. ACCREDITATION
reimbursement from certain payers; Validates the quality of care; May favorably influence liability insurance premiums; May enhance access to managed care contracts; Gives the organization a competitive edge over non-accredited organizations BENEFITS FOR BEING ACCREDITED
6 ACCREDITATION DECISIONS Accreditation; Provisional Accreditation; Conditional Accreditation; Preliminary denial of Accreditation; Denial of Accreditation; Preliminary Accreditation
is one that occurs unexpectedly and either leads to or presents a significant risk of death or serious injury. sentinel event
is the developer and overseer of the Health Plan THE NATIONAL COMMITTEE FOR QUALITY ASSURANCE (NCQA)
and for its work in providing quality measures for health plans Employer Data and Information Set (HEDIS)
five categories of specific standards Access and Service; Qualified Providers; Staying Healthy; Getting Better; Living with Illness
specific standards Excellent; Commendable; Accredited; Provisional; Denied
accredits rehabilitative services and programs The Commission on Accreditation of Rehabilitation Facilities (CARF)
accredits HMOs and ambulatory care organizations The Accreditation Association for Ambulatory Health Care (AAAHC)
defines the legal health record (LHR) as “the documentation of the healthcare services rovided to an individual in any aspect of ealthcare delivery by a healthcare provider organization.” American Health Information Management Association (AHIMA)
is accomplished when the physician or other health care professional signs it, either with a handwritten signature or an electronic signature authentication of an LHR entry
is an individual’s constitutional right to be left alone, to be free from unwarranted ublicity, and to conduct his or her life without its being made public. Privacy
is the expectation that information shared with a health care provider during the course of treatment will be used only for its intended purpose and not disclosed otherwise. Relies on trust. Confidentiality
Created by: CUAHIT