Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
HIT 142 Final Exam
HIT 142 Final Exam Review
| Question | Answer |
|---|---|
| A health information technician receives a subpoena ad testificandum. To respond to the subpoena, which of the following should the technician do? | Review the subpoena and appear at the time and place supplied to give testimony |
| Which of the following laws created the HITECH Act? | American Recovery and Reinvestment Act |
| Which of the following definitions best describes the concept of confidentiality? | The expectation that personal information shared by an individual with a healthcare provider during the individual's care will be used only for its intended purpose |
| The release of information function requires the HIM professional to have knowledge of ______________. | federal and state confidentiality laws |
| Which of the following individuals may authorize release of health information? | A married 15-year-old father |
| Ted and Mary are the adoptive parents of Susan, a minor. What is the best way for them to obtain a copy of Susan's operative report? | Present an authorization that at least one of them (Ted and Mary) has signed |
| A patient requests a copy of his health records. When the request is received, the HIM clerk finds that the records are stored off-site. Which is the longest timeframe the hospital can take to remain in compliance with HIPAA regulations? | Provide copies of the records within 60 days |
| The admissions director maintains that a notice of privacy practices must be provided to the patient on each admission. How should the HIM director respond? | Notice of privacy practices is required on the first provision of service. |
| Access to health records based on protected health information within a healthcare facility should be limited to employees who have a ___________________. | legitimate need for access |
| What types of covered entity health records are subject to the HIPAA privacy regulations? | Health records in any format |
| A patient requests copies of her medical records in an electronic format. The hospital does not maintain all the designated record set in an electronic format. How should the hospital respond? | Provide the records in paper format only |
| Sally has requested an accounting of PHI disclosures from Community Hospital. Which of the following must be included in an accounting of disclosures to comply with the request? | PHI sent to a physician who has not treated Sally |
| Release of birth and death information to public health authorities __________________. | is a public health activities disclosure that does not require patient authorization |
| Under the HIPAA Privacy Rule, which of the following statements is true? | An authorization must contain an expiration date or event. |
| Waubonsee Clinic has requested that Aurora Hospital send its hospital records for Susan William's most recent admission to the clinic for her follow-up appointment. Which of the following statements is true? | The Privacy's Rule minimum necessary does not apply. |
| Under HIPAA rules, when an individual asks to see his or her own health information, a covered entity _________________. | can deny access to psychotherapy notes |
| Which of the following statements is true regarding HIPAA security? | Institutions are allowed flexibility in the way they implement HIPAA standards. |
| A coding compliance manager is reviewing a tool that identifies when a user logs in and out, what he or she does, and more. What is the manager reviewing? | Audit trail |
| When data has been lost in an EHR, which action is taken to remedy this problem? | Data recovery |
| A hospital is planning to allow coding professionals to work at home. The hospital is in the process of identifying strategies to minimize the security risks associated with this practice. What would be best to ensure that data breaches are minimized? | Automatic session log-off |
| On review of the audit trail for an EHR system, the HIM director discovers that a departmental employee who has authorized access to patient records is printing far more records than the average user. In this case, what should the supervisor do? | Determine what information was printed and why |
| Which of the following refers to guarding against improper information modification or destruction? | Integrity |
| An employee accesses PHI on a computer system that does not relate to her job functions. What security mechanisms should have been implemented to minimize this security breach? | Access controls |
| Which of the following is an example of a physical safeguard that should be provided for a data security program? | Locking computer rooms |
| An external security threat can be caused by which of the following? | Tornadoes |
| With regard to training in PHI polices and procedures ___________________. | every member of the covered entity's workforce must be trained |
| Under the Omnibus Final Rule, the provider should notify those patients affected by the breach of security with __________ days of the breach. | 60 |
| Which of the following is a characteristic of breach notification? | It applies when one person's PHI is breached. |
| Which of the following are policies and procedures required by HIPAA that address the management of computer resources and security? | Administrative safeguards |
| What is the biggest threat to the security of healthcare data? | Employees |
| A secretary in the Nursing Office was recently hospitalized with ketoacidosis. She comes to the HIM department and requests to review her health record. Of the options here, what is the best course of action? | Allow her to review her record after obtaining authorization from her. |
| Plano Hospital has a contract with Ready-Clean, a local company, to come into the hospital to pick up all of the facility's linens for off-site laundering. Read-Clean is _____________. | Not a business associate because it does not use or disclose individually identifiable health information |
| What resource should be consulted in terms of who may authorize access, use, or disclose the health records of minors? | State law because HIPAA defers to state laws on matters related to minors |
| The medical record of the plaintiff, has been subpoenaed for a deposition. The plaintiff's attorney wishes to use the records as evidence. In this situation, although the record constitutes hearsay, it may be used based on ________. | business records exception |
| Burning, shredding, pulping, and pulverizing are all acceptable methods in which process? | Destruction of paper-based health records |
| The HIPAA Privacy Rule requires that covered entities must limit use, access, and disclosure of PHI to only the amount needed to accomplish the intended purpose. What concept is this an example of? | Minimum necessary |
| To comply with HIPAA regulations, a hospital would make its membership in an HIE (Health Information Exchange) known to its patients through which of the following? | Notice of Privacy Practices |
| The process of releasing health record documentation originally created by a different provider is called __________. | redisclosure |
| Jane's widowed mother is elderly and often confused. She has asked Jane to accompany her to the physician office as she often forgets to tell the physician information. Under the Privacy Rule, the release of her mother's PHI to Jane is ______________. | allowed when the information is directly relevant to Jane's involvement in her mother's care or treatment |
| Which of the following statements represents an example of nonmaleficence? | HITs must ensure that patient-identifiable information is not released to unauthorized parties. |
| The legal term used to describe when a patient has the right to maintain control over certain personal information is referred to as ___________. | confidentiality |
Created by:
Prof Clark