c. Insurance company who paid for the care recorded in the record
d. No one - answer B
Community Hospital is terminating its business associate relationship with a medical transcription
company. The transcription company has no further need for any identifiable information that it
may have obtained in the course of its business with the hospital. The CFO of the hospital believes
that to be HIPAA compliant, all that is necessary is for the termination to be in a formal letter signed
by the CEO. In this case, how should the director of HIM advise the CFO?
a. Determine that a formal letter of termination meets HIPAA requirements and no further action is
required.
b. Confirm that a formal letter of termination meets HIPAA requirements and no further action is
required except that the termination notice needs to be retained for seven years.
c. Confirm that a formal letter of termination is required and that the transcription company must
provide the hospital with a certification that all PHI that it had in - answer C
What does the term access control mean?
a. Identifying the greatest security risks
b. Identifying which data employees should have a right to use
c. Implementing safeguards that protect physical media
d. Restricting access to computer rooms and facilities - answer B
Under HIPAA, which of the following is not named as a covered entity?
a. Attending physician
b. Healthcare clearinghouse
c. Health plan
d. Outsourced transcription company - answer D
Which of the following is an organization's planned response to protect its information in the case of
a natural disaster?
,a. Administrative controls
b. Contingency plan
c. Audit trail
d. Physical controls - answer B
A secretary in the Nursing Office was recently hospitalized with ketoacidosis. She comes to the HIM
department and requests to review her health record. Of the options here, what is the best course
of action?
a. Allow her to review her record after obtaining authorization from her.
b. Refer the patient to her physician for the information.
c. Tell her to go through her supervisor for the information.
d. Tell her that hospital employees cannot access their own medical records. - answer A
Which of the following provide the objective and scope for the HIPAA Security Rule as a whole?
a. Administrative provisions
b. General rules
c. Physical safeguards
d. Technical safeguards - answer B
he release of information function requires the HIM professional to have knowledge of:
a. Clinical coding principles
b. Database development
c. Federal and state confidentiality laws
d. Human resource management - answer C
A health information technician receives a subpoena ad testificandum. To respond to the subpoena,
which of the following should the technician do?
a. Review the subpoena to determine what documents must be produced
b. Review the subpoena and notify the hospital administrator
c. Review the subpoena and appear at the time and place supplied to give testimony
d. Review the subpoena and alert the hospital's risk management department - answer C
, Which of the following is an example of a business associate?
a. Contract coder
b. Environmental services department
c. Hospital security officer
d. Employee with access to e-PHI - answer A
The medical record of Kathy Smith, the plaintiff, has been subpoenaed for a deposition. The
plaintiff's attorney wishes to use the records as evidence to prove his client's case. In this situation,
although the record constitutes hearsay, it may be used as evidence based on the:
a. Admissibility exception
b. Discovery exception
c. Direct evidence exception
d. Business records exception - answer D
Release of birth and death information to public health authorities:
a. Is prohibited without patient consent
b. Is prohibited without patient authorization
c. Is a public interest and benefit disclosure that does not require patient authorization
d. Requires both patient consent and authorization - answer C
When an individual requests a copy of the PHI or agrees to accept summary or explanatory
information, the covered entity may:
a. Impose a reasonable cost-based fee
b. Not charge the individual
c. Impose any fee authorized by state statute
d. Charge only for the cost of the paper on which the information is printed - answer A
The right of an individual to keep personal health information from being disclosed to anyone is a
definition of:
a. Confidentiality
b. Integrity
c. Privacy
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller PROFJOSEPH. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.