RHIA Domain 2 Exam with Questions and 100% Correct Answers
7 views 0 purchase
Course
RHIA Domain 2
Institution
RHIA Domain 2
Dr. Smith, a member of the medical staff, asks to see the medical records of his adult
daughter who was hospitalized in your institution for a tonsillectomy at age 16. The
daughter is now 25. Dr. Jones was the patient's physician. Of the options listed here,
what is the best course of action? - ...
RHIA Domain 2 Exam with Questions and
100% Correct Answers
Dr. Smith, a member of the medical staff, asks to see the medical records of his adult
daughter who was hospitalized in your institution for a tonsillectomy at age 16. The
daughter is now 25. Dr. Jones was the patient's physician. Of the options listed here,
what is the best course of action? - Answer Inform Dr. Smith that he cannot access his
daughter's health record without her signed authorization allowing him access to the
record.
St. Joseph's Hospital has a psychiatric service on the sixth floor. A 31-year-old male
came to the HIM department and requested to see a copy of his health record. He told
the clerk he was a patient of Dr. Schmidt, a psychiatrist, and had been on the sixth floor
of St. Joseph's for the last two months. These records are not psychotherapy notes. The
best course of action for you to take as the HIM director is: - Answer Allow the patient
to access his record if, after contacting his physician, his physician does not feel it will be
harmful to the patient.
You are a member of the hospital's Health Information Management Committee. The
committee has created a HIPAA-compliant authorization form. Which of the following
items does the Privacy Rule require for the form? - Answer Identification of the person
or entity authorized to receive PHI
Which of the following would be considered an identifier under the Privacy Rule? -
Answer Vehicle license plate
A hospital health information department receives a subpoena duces tecum for records
of a former patient. When the health record professional goes to retrieve the patient's
medical records, it is discovered that the records being subpoenaed have been purged
in accordance with the state retention laws. In this situation, how should the HIM
,department respond to the subpoena? - Answer Submit a certification of destruction in
response to the subpoena
An HIM professional violates privacy protection under the HIPAA Privacy Rule when he
or she releases ________ without specific authorization from the patient(s) or patient
representative(s). - Answer A list of newborns to the local newspaper for publication in
the birth announcements section
What is the implication regarding the confidentiality of incident reports in a legal
proceeding when a staff member documents in the health record that an incident
report was completed about a specific incident? - Answer The incident report likely
becomes discoverable because it is mentioned in a discoverable document.
This federal agency is charged with responsibility for the oversight and enforcement of
the HIPAA privacy regulations. - Answer The HHS Office of Civil Rights
The Kids' Foundation, a foundation related to Children's Hospital, is mailing fundraising
information to the families of all patients who have been treated at Children's in the
past three years. Based on the facts given: - Answer Children's Hospital must have
notified the patients or patients' guardians of this disclosure in the Notice of Privacy
Practices
For which of the following situations would an audit trail be useful? - Answer
Reconstructing electronic events
Sometimes federal and state health information privacy laws and regulations are in
conflict. When this is the case one law must take precedence. For health information
privacy this is determined as follows: - Answer The law that gives the consumer greater
rights with respect to their PHI takes precedence
,A hospital employee destroyed a health record so that its contents—which would be
damaging to the employee—could not be used at trial. In legal terms, the employee's
action constitutes: - Answer Spoliation
A breach occurs when unsecured protected health information is accessed or released.
The Secretary of HHS and local media must be notified if this threshold of patient
records breached has been met or exceeded. - Answer 500
The Security Rule leaves the methods for conducting the security risk analysis to the
discretion of the healthcare entity. The first consideration for a healthcare facility should
be: - Answer Its own characteristics and environment
Addressable Security Rule implementation specifications: - Answer Should be
implemented unless a healthcare entity determines that the specification is not
reasonable and appropriate and documents their reasoning
Employees, volunteers, trainees, and other persons performing functions on behalf of
covered entities and business associates, whether paid or not, are considered to be: -
Answer Workforce
Although an addressable implementation specification, this reduces or prevents access
and viewing of ePHI. - Answer Encryption
The concept of legal hold requires: - Answer Special, tracked handling of patient records
involved in litigation to ensure no changes can be made
The Breach Notification Rule requires covered entities to establish a process for
investigating whether a breach has occurred and which of the following? - Answer
Notify affected individuals when a breach occurs
, The HIPAA methods titled Expert Determination and Safe Harbor are ways in which the
following can be achieved legally. - Answer Deidentification
Placing locks on computer room doors is considered what type of security control? -
Answer Physical access control
Anywhere General Hospital allows all of the ICU nurses to log on with a standard ID and
password. This is not allowed by which standard of the Security Rule? - Answer Access
Control Standard
Copies of personal health records (PHRs) are considered part of the legal health record
when: - Answer Used by the healthcare entity to provide treatment
Under what access security mechanism would an individual be allowed access to ePHI if
he or she has a proper login and password, belongs to a specified group, and his or her
workstation is located in a specific place within the facility? - Answer Context-based
Which of the following is the systematic process of identifying security measures to
afford protections based on a healthcare entity's specific environment? - Answer Risk
analysis
What is the most common type of security threat to a health information system? -
Answer Internal to the healthcare entity
Mary is contemplating triple bypass surgery. Informed consent by her surgeon would
typically contain which of the following? - Answer Risks associated with the procedure
The process of entity authentication means a computer: - Answer Reads a
predetermined set of criteria to determine if a user is who he or she claims to be
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Examsplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.99. You're not tied to anything after your purchase.
