Question 1

A Medical record contains

Accepted Answer

facts, findings, and
observations about a patient’s health.

Question 2

Documentation

Accepted Answer

means organizing a patient’s
health record in chronological order using a
systematic, logical, and consistent method.
• Includes health history, examinations, tests, and
treatment.
• Must be complete

Question 3

Medical standards of care

Accepted Answer

are state-specified
performance measures for healthcare delivery.

Question 4

Medical Necessity

Accepted Answer

services must be consistent
with generally accepted standards of care

Question 5

Encounter

Accepted Answer

visit between a patient and a
medical professional.

Question 6

Evaluation and Management (E/M)

Accepted Answer

provider’s
evaluation of a patient’s condition and decision on
a course of treatment:

Question 7

Informed consent

Accepted Answer

process by which a patient
authorizes medical treatment after a discussion with a
physician.

Question 8

Centers for Medicare and Medicaid
Services (CMS)

Accepted Answer

the main federal
government agency responsible for healthcare,
overseeing Medicare, Medicaid, clinical
laboratories, and other government health
programs

Question 9

State Regulation:

Accepted Answer

States are also major regulators.

Question 10

HIPAA

Accepted Answer

federal act with guidelines for
standardizing the electronic data interchange
of administrative and financial healthcare
transactions, exposing fraud and abuse, and
protecting and securing PHI.

Question 11

HITECH  health information technology

Accepted Answer

a law with provisions concerning standards for
electronic transmission of healthcare data.

Question 12

Meaningful use

Accepted Answer

signifies the utilization of certified EHR
technology to improve quality, efficiency, and patient safety;

Question 13

Affordable Care Act (ACA)

Accepted Answer

Health system reform legislation that offers
improved insurance coverage and other
benefits. Offers incentives to form accountable care
organizations (ACOs)

Question 14

accountable care
organizations (ACOs)

Accepted Answer

a network of doctors and hospitals
who share responsibility for managing quality
and cost of care provided to a group of
patients.

Question 15

HIPAA Covered Entity (CE)

Accepted Answer

Healthcare organization (health plan, clearinghouse,
provider, or business associate) that transmits HIPAA-
protected information electronically

Question 16

Business associates (BA’s)

Accepted Answer

Organizations that work for covered entities but are not
themselves CEs (law firms; outside medical billers, coders,
and transcriptionists; collection agencies; accountants)

Question 17

HIPAA Privacy Rule

Accepted Answer

Law regulating use and disclosure of patients’ protected
health information (PHI).

Question 18

Protected health information (PHI)

Accepted Answer

individually identifiable health information transmitted or maintained by
electronic media.

Question 19

(TPO)

Accepted Answer

treatment, payment, and healthcare operations

Question 20

Designated record set (DRS)

Accepted Answer

CE’s records that contain PHI.

Question 21

Notice of Privacy Practices (NPP)

Accepted Answer

description of a CE’s principles and procedures related to protection of patients’ health information.

Question 22

Accounting for disclosure

Accepted Answer

documentation of the disclosure of a patient’s PHI in that person’s medical record in unauthorized cases

Question 23

authorization

Accepted Answer

written permission

Question 24

The HIPAA Security Rule requires

Accepted Answer

CEs to establish safeguards to protect PHI

Question 25

Encryption

Accepted Answer

method of converting a message into encoded text.

Question 26

Other Security Measures

Accepted Answer

Secure Internet connection, Access control, passwords, Backups to replace items after damage. Security policies to handle violations that do occur

Question 27

The Health Information Technology for Economic and Clinical Health (HITECH) Act requires CEs to

Accepted Answer

notify affected individuals following the discovery of a breach of unsecured health information.

Question 28

Breach

Accepted Answer

impermissible use or disclosure of PHI that could pose significant risk to the affected person.

Question 29

Breach notification

Accepted Answer

document notifying an
individual of a breach (usually required within 60
days).

Question 30

Employer Identification Number

Accepted Answer

EIN

Question 31

National Provider Identifier

Accepted Answer

NPI

Question 32

Omnibus Rule

Accepted Answer

set of regulations enhancing patients’ privacy protections and rights to information, and the government’s ability to enforce HIPAA.

Question 33

1st final rule

Accepted Answer

Strengthen previous HIPAA/HITECH rules.

Question 34

2nd final rule

Accepted Answer

Increase civil monetary penalties for violations

Question 35

3rd final rule

Accepted Answer

Restate the standard for reporting breaches.

Question 36

4th final rule

Accepted Answer

Prohibit health plans from using or disclosing genetic
information for determining insurance coverage.

Question 37

Office for Civil Rights (OCR)

Accepted Answer

government agency that enforces the HIPAA privacy standards and investigates civil complaints on behalf of an individual

Question 38

Department of Justice

Accepted Answer

prosecutes criminal violations of HIPAA privacy standards

Question 39

Office of Inspector General

Accepted Answer

Investigates suspected fraud and audit records of physicians and payers

Question 40

Fraud

Accepted Answer

Intentional deceptive act to obtain a benefit by taking advantage of another person:

Question 41

Abuse

Accepted Answer

action that improperly uses another’s resources

Question 42

Compliance plan

Accepted Answer

medical practice’s written plan for complying with regulations

Question 43

A compliance officer is in charge of

Accepted Answer

ongoing work and can be a physician, practice manager, or billing manager

Question 44

A compliance committee is established to

Accepted Answer

oversee the entire program

Question 45

Error and omission insurance may

Accepted Answer

be recommended as part of a compliance guideline for the healthcare facility’s employees.

Question 46

OCR

Accepted Answer

Office of Civil rights

Question 47

PHI

Accepted Answer

Protected Health information

Question 48

TCS

Accepted Answer

Transaction set Codes

Question 49

DRS

Accepted Answer

Designated record set

Question 50

EHR

Accepted Answer

Electronic Health Record

Question 51

CC

Accepted Answer

Chief Complaint

Question 52

NPI

Accepted Answer

National providers Identification

Question 53

NPP

Accepted Answer

Notice of Privacy Practices

Question 54

OIG

Accepted Answer

Office of inspector General

Question 55

Minimum necessary Standard

Accepted Answer

The Principle that individually identifiable health information should be disclosed only to the extent needed to support the purpose of the disclosure

Question 56

CMS

Accepted Answer

Main Federal Government agency responsible for healthcare

Question 57

HIPAA Provision Title 1

Accepted Answer

Healthcare Access, Portability and Renewability

Question 58

HIPAA Provision Title 2

Accepted Answer

Preventing Healthcare fraud and abuse; administrative simplification

Question 59

HIPAA Provision Title 3

Accepted Answer

Tax-Related Health Provisions

Question 60

HIPAA Provision Title 4

Accepted Answer

Application and enforcement of group health plan requirements

Question 61

HIPAA Provision Title 5

Accepted Answer

Revenue Offsets

Question 62

Covered entities are those that

Accepted Answer

Transmit any health information in electronic form

Question 63

Electronic data interchange

Accepted Answer

A system-to-system exchange of data in a standardized format

Question 64

Clearinghouses

Accepted Answer

companies that convert nonstandard transactions into standard transactions and transmit the data to health plans

Question	Answer
A Medical record contains	facts, findings, and observations about a patient’s health.
Documentation	means organizing a patient’s health record in chronological order using a systematic, logical, and consistent method. • Includes health history, examinations, tests, and treatment. • Must be complete
Medical standards of care	are state-specified performance measures for healthcare delivery.
Medical Necessity	services must be consistent with generally accepted standards of care
Encounter	visit between a patient and a medical professional.
Evaluation and Management (E/M)	provider’s evaluation of a patient’s condition and decision on a course of treatment:
Informed consent	process by which a patient authorizes medical treatment after a discussion with a physician.
Centers for Medicare and Medicaid Services (CMS)	the main federal government agency responsible for healthcare, overseeing Medicare, Medicaid, clinical laboratories, and other government health programs
State Regulation:	States are also major regulators.
HIPAA	federal act with guidelines for standardizing the electronic data interchange of administrative and financial healthcare transactions, exposing fraud and abuse, and protecting and securing PHI.
HITECH health information technology	a law with provisions concerning standards for electronic transmission of healthcare data.
Meaningful use	signifies the utilization of certified EHR technology to improve quality, efficiency, and patient safety;
Affordable Care Act (ACA)	Health system reform legislation that offers improved insurance coverage and other benefits. Offers incentives to form accountable care organizations (ACOs)
accountable care organizations (ACOs)	a network of doctors and hospitals who share responsibility for managing quality and cost of care provided to a group of patients.
HIPAA Covered Entity (CE)	Healthcare organization (health plan, clearinghouse, provider, or business associate) that transmits HIPAA- protected information electronically
Business associates (BA’s)	Organizations that work for covered entities but are not themselves CEs (law firms; outside medical billers, coders, and transcriptionists; collection agencies; accountants)
HIPAA Privacy Rule	Law regulating use and disclosure of patients’ protected health information (PHI).
Protected health information (PHI)	individually identifiable health information transmitted or maintained by electronic media.
(TPO)	treatment, payment, and healthcare operations
Designated record set (DRS)	CE’s records that contain PHI.
Notice of Privacy Practices (NPP)	description of a CE’s principles and procedures related to protection of patients’ health information.
Accounting for disclosure	documentation of the disclosure of a patient’s PHI in that person’s medical record in unauthorized cases
authorization	written permission
The HIPAA Security Rule requires	CEs to establish safeguards to protect PHI
Encryption	method of converting a message into encoded text.
Other Security Measures	Secure Internet connection, Access control, passwords, Backups to replace items after damage. Security policies to handle violations that do occur
The Health Information Technology for Economic and Clinical Health (HITECH) Act requires CEs to	notify affected individuals following the discovery of a breach of unsecured health information.
Breach	impermissible use or disclosure of PHI that could pose significant risk to the affected person.
Breach notification	document notifying an individual of a breach (usually required within 60 days).
Employer Identification Number	EIN
National Provider Identifier	NPI
Omnibus Rule	set of regulations enhancing patients’ privacy protections and rights to information, and the government’s ability to enforce HIPAA.
1st final rule	Strengthen previous HIPAA/HITECH rules.
2nd final rule	Increase civil monetary penalties for violations
3rd final rule	Restate the standard for reporting breaches.
4th final rule	Prohibit health plans from using or disclosing genetic information for determining insurance coverage.
Office for Civil Rights (OCR)	government agency that enforces the HIPAA privacy standards and investigates civil complaints on behalf of an individual
Department of Justice	prosecutes criminal violations of HIPAA privacy standards
Office of Inspector General	Investigates suspected fraud and audit records of physicians and payers
Fraud	Intentional deceptive act to obtain a benefit by taking advantage of another person:
Abuse	action that improperly uses another’s resources
Compliance plan	medical practice’s written plan for complying with regulations
A compliance officer is in charge of	ongoing work and can be a physician, practice manager, or billing manager
A compliance committee is established to	oversee the entire program
Error and omission insurance may	be recommended as part of a compliance guideline for the healthcare facility’s employees.
OCR	Office of Civil rights
PHI	Protected Health information
TCS	Transaction set Codes
DRS	Designated record set
EHR	Electronic Health Record
CC	Chief Complaint
NPI	National providers Identification
NPP	Notice of Privacy Practices
OIG	Office of inspector General
Minimum necessary Standard	The Principle that individually identifiable health information should be disclosed only to the extent needed to support the purpose of the disclosure
CMS	Main Federal Government agency responsible for healthcare
HIPAA Provision Title 1	Healthcare Access, Portability and Renewability
HIPAA Provision Title 2	Preventing Healthcare fraud and abuse; administrative simplification
HIPAA Provision Title 3	Tax-Related Health Provisions
HIPAA Provision Title 4	Application and enforcement of group health plan requirements
HIPAA Provision Title 5	Revenue Offsets
Covered entities are those that	Transmit any health information in electronic form
Electronic data interchange	A system-to-system exchange of data in a standardized format
Clearinghouses	companies that convert nonstandard transactions into standard transactions and transmit the data to health plans
Encryption	method of converting a message into encoded text
HIPAA Electronic Health Care Transaction and Code Sets	Rules governing the electronic exchange of health information
EIN	Employer Identification Number
Omnibus Rule	Set of regulations enhancing patients' privacy protections and rights to information

"Know" box contains:
Time elapsed:
Retries:

MED115 Chapter 2