100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
HCCA - CHPC Study Questions And Answers 100% Guaranteed Success. $13.99   Add to cart

Exam (elaborations)

HCCA - CHPC Study Questions And Answers 100% Guaranteed Success.

 14 views  0 purchase
  • Course
  • HCCA - CHPC
  • Institution
  • HCCA - CHPC

HCCA - CHPC Study Questions And Answers 100% Guaranteed Success. What is the purpose of HIPAA? - correct answer. • Protect PHI from unauthorized disclosure/use; • Prevent fraud, waste and abuse (via Administrative Simplification); • Make health insurance portable under ERISA; �...

[Show more]

Preview 4 out of 54  pages

  • September 27, 2024
  • 54
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • HCCA - CHPC
  • HCCA - CHPC
avatar-seller
techgrades
HCCA - CHPC Study Questions And
Answers 100% Guaranteed Success.

What is the purpose of HIPAA? - correct answer. • Protect PHI from unauthorized
disclosure/use;
• Prevent fraud, waste and abuse (via Administrative Simplification);
• Make health insurance portable under ERISA;
• Move health care onto a nationally standardized electronic billing platform

Ref. https://quizlet.com/6202453/hcca-chpc-overview-flash-cards/
More on HIPAA: https://www.hhs.gov/hipaa/index.html

HIPAA resides in which CFR section? - correct answer. 45 CFR sections 164.102
through 164.534

https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164

What are the subparts of HIPAA part 164? - correct answer. HIPAA - 45 CFR 164,
subparts:
Subpart A - General rules
Subpart C - Security
Subpart D - Breach notification
Subpart E - Privacy

https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164

How do you determine if an organization is a "Covered Entity"? - correct answer. 1.
compare if the organization meets one of the 3 types of CE (provider, health plan,
clearinghouse)
and
2. determine if the organization electronically transmits one of the 9 defined
transactions:
• Health claims or equivalent encounter information
• Health claims attachments
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health care payment and remittance advice

,• Health plan premium payments
• First report of injury
• Health claim status
• Referral certification and authorization

In addition, business associates of covered entities must follow parts of the HIPAA
regulations.
https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html

This Act established in 1974 was created for government agencies placing restrictions
on how the government can share the information maintained in Federal systems of
records that might infringe on an individual's privacy rights with other individuals and
agencies. - correct answer. The Privacy Act of 1974

Which of the following is not considered a HIPAA Entity Designation:
1. Affiliated covered entity
2. Entity that performs healthcare and non-healthcare component activities including
both covered and non-covered functions
3. A group health plan
4. Contract arrangement with FEDEX carrier - correct answer. 4. Contract
arrangement with FEDEX carrier

What is Gramm-Leach-Bliley Act (GLBA)? - correct answer. Gramm-Leach-Bliley Act
(GLBA), also known as the Financial Services Modernization Act of 1999, includes The
Financial Privacy Rule and The Safeguards Rule requires all financial institutions to
protect customer's personal financial information.

What is an OHCA? - correct answer. OHCA (Organized Health Care Arrangement) it's
a clinically integrated care setting where individuals receive health care from more than
one provider.
These are joint arrangements/activities and have an Integrated Delivery System for
easy exchange of PHI data. See 45 CFR 160.103. OHCAs can also utilize a joint NPP.
See 45 CFR § 164.520(d).

ACE (Affiliated Covered Entity) do not have an Integrated Delivery System because
these are legally separate covered entities that are associated in business, or affiliated
as a result of some common control or ownership.

Both the OHCA and the ACE would allow sharing of PHI across participating entity lines
for treatment, payment, operations purposes (TPO).

What's an ACE? - correct answer. ACE (Affiliated Covered Entity)
Legally separate covered entities that share common control/ownership and designate
themselves as a single CE for the purpose of complying with the HIPAA Privacy
standards.

,ACEs do not have an Integrated Delivery System, while OHCA do, and can share a
single NPP. See 45 CFR § 164.520(d)

ACE example: a health system composed on several affiliated hospitals.

Both the OHCA and the ACE would allow sharing of PHI across participating entity lines
for treatment, payment, operations purposes (TPO).

What's a Hybrid Entity? - correct answer. Entity that conducts both covered functions
(or healthcare-functions) and non-covered functions (other biz/non-healthcare functions)
to elect to be a "hybrid entity."

For instance, a University System that has a research laboratory or academic medical
center.
The post-secondary functions (non-healthcare components) do NOT need to comply
with HIPAA.
The research lab/med center functions (healthcare component) needs to comply with
HIPAA provisions to protect the use/disclosure of PHI involved.

https://www.hhs.gov/hipaa/for-professionals/faq/315/when-does-a-covered-entity-have-
discretion-to-determine-covered-
functions/index.html#:~:text=For%20example%2C%20a%20hybrid%20entity,hybrid%20
entity's%20health%20care%20component.

https://privacyruleandresearch.nih.gov/pr_06.asp

The transmission of information between two parties to carry out financial or
administrative activities related to health care is called: - correct answer. Transaction
(healthcare transaction).

Few examples of healthcare transactions:
healthcare claims;
coordination of benefits;
health plan premium payments;
remittance advice (or ETF, electronic fund transfer);
referral certification and authorization

What are examples of a BA? - correct answer. BA (Business Associate) - performs
functions or activities on behalf of a covered entity that involve access by the business
associate to protected health information.
Examples:
claims processing
data analysis
billing
benefit management
quality assurance

, quality improvement
practice management
legal
actuarial
accounting
accreditation
other administrative services
https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/business-
associates/index.html

True or False:
A hospital is not required to have a business associate contract with the specialist to
whom it refers a patient and transmits the patient's medical chart for treatment
purposes. - correct answer. TRUE

Remember, use and disclosure of PHI for purposes of TPO requires no specific
authorization

True or False:
Business Associates After HITECH:
HITECH made business associates directly responsible for HIPAA compliance within
their individual businesses that would not otherwise be subject to HIPAA regulations
and penalties - correct answer. TRUE

Even if no written contract exists between the covered entity and a contracted company
performing services related to handling PHI in some form, the company is deemed a
business associate by law. This deemed status essentially classifies contracted vendors
or individuals as business associates solely by the nature of the services they provide to
a covered entity, regardless of whether they intended to be classified as business
associates or were aware of their status as such. HIPAA and HITECH may hold these
vendors to business associate obligations as long as they act as business associates.

Likewise, a subcontractor that creates, receives, maintains, or transmits PHI on behalf
of a business associate is a business associate. A subcontractor of a subcontractor is a
business associate as well, and so on down the line.

Ref. 2023 HCCA Complete Healthcare Compliance Manual
Ref. HITECH Act and OCR's 2013 final rule

True or False:
Under HIPAA and HITECH, individuals or entities who have been identified as business
associates are obligated to enter into a business associate agreement with their
contracted covered entities. - correct answer. TRUE

Business associate agreement mandate under the HIPAA Privacy Rule. There are
some exceptions such:

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller techgrades. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

72042 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.99
  • (0)
  Add to cart