Term 1 of 85
In addition to HIE (Health Information Exchange) and HIN (Health Information Network) what
types of Cures Act actors are liable under the information blocking CMP final rules?
covered entities
Health IT developers of certified health IT or other entities offering certified health IT
business associates
Health care providers not affiliated with HIE, HIN or offering shared certified health IT
Term 2 of 85
When asked to give a presentation to the board on the implementation of a privacy program, a
privacy professional should consider which of the following elements FIRST?
program budget
budget plan
training plan
program scope
Term 3 of 85
Contract provisions for background checks of vendor employees ensures the performance of
due diligence on third parties
third parties' services to the organization
HIPAA privacy rule standard implementation
requirements related to SAMSHA
,Term 4 of 85
The OIG recommends that general compliance training for employees, physicians, and volunteers
be provided:
monthly
quarterly
annually
biannually
Term 5 of 85
When using email to communicate with patient, what method out of the following is an
appropriate safeguard per the Security Rule guidelines?
Asking the patient to delete the message immediately after he or she reads it
If a patient emails the employee first, the Rule does not apply
Using encryption to send the email to the patient
Only using patient's medical record number in the email not his or her name
Term 6 of 85
What should an employee do when he or she suspects another employee is in violation of the
privacy or security policies?
Gather solid evidence against the person
Confront the individual and tell the person that he or she is violating the rules
Nothing
Report suspicions to the office manager, privacy/security officer, or other designated
person
,Term 7 of 85
Which of the following governmental bodies has enforcement authority for HIPAA privacy?
c. Only use what is needed to perform his or her job duties
OCR
a. Treatment, payment, health care administration
Participating in continuing education to maintain professional competency.
Term 8 of 85
Which agency within HHS (Health and Human Services) is specified by law to investigate and
assign information blocking civil monetary penalties?
OCR
ONC
OIG
FTC
Term 9 of 85
An employee contacts a privacy professional about the employee's involvement in possible illegal
activity involving misuse of individually identifiable information. Which of the following should the
privacy professional do FIRST?
ask the CFO for assistance
contact legal counsel
notify local law enforcement
refer the employee to HR
, Term 10 of 85
A hotline caller states the coding department was instructed to code based on LCD requirements
regardless of medical record information. Which of the following should be the compliance
professional's FIRST action?
direct the coding supervisor to follow the applicable policy
incorporate the coding issue into next year's risk assessment
design a review to find facts and circumstances related to the compliant
engage outside counsel to protect the underlying facts from discovery
Term 11 of 85
Sign-in sheets include protected health information. However, they may be used without violating
privacy rules for this reason:
Patient name is not protected health information
The sign-in sheet is used for health care operations and is considered an incidental
disclosure
The patient name is usually not legible
Not all persons signing the sheet are patients
Term 12 of 85
Which of the following agencies indicates a self-evaluation after discovery of potentially
fraudulent acts
Did you ever observe anything that made you feel uncomfortable?
true
OCR
OIG
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller stuuviaa. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.