CMOM – PRACTICE MANAGEMENT INSTITUTE
UPDATED ACTUAL EXAM WITH CORRECT
SOLUTIONS.
HIPAA REGULATION: Privacy Overview - correct answer- There are three major areas addressed in the Privacy Regulation: 1. Use and disclosure of PHI, 2. Patient rights 3. Security administrative and physical
Business Associates - correct answer- can be held directly accountable by federal or state authority for failure to comply with HIPAA statutory or regulations. ex. IT techs, Janitors, Cleaning Services, Vendors, Collection agencies, Consultants and Billing Services.
Entities - correct answer- ex. doctors, hospitals, pharmacy
Breach - correct answer- unauthorized acquisition, access, use or disclosure of protected health information, ex. ALGH issue on breach where health info was spread with no consents from patients.
What is NOT considered a breach? - correct answer- 1. Where an authorized person who received the health info. cannot reasonably have been able to retain it.
- If an unintentional acquisition, access, or use occurs within the scope of employ. and info doesn't go any further.
- If it is an inadvertent disclosure that occurs within a facility, and the information does not go any further.
Tiered Increase in Civil Monetary Penalties - correct answer- HIPAA violation at $50,000 per violation and an annual maximum of $1.5 million.
What are examples that could not result in HIPAA violation by DHHS? - correct answer- -Overheard phone or nursing station conversation -Joint treatment areas -Sign-in sheets -Calling names in reception areas -Hospital rounds. Solutions would be to speak quietly, cubicles, curtains, dividers, asking patients to step back, or closing doors.
Health Information (PHI) - correct answer- Any info. whether oral or recorded in any form or medium that is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse, and related to the past, present or future physical or mental health or condition.
Individual Identifiable Health Information (IIHI) - correct answer- Information that is a subset of health information, including demographic information collected from an individual.
Identifiers - correct answer- -Email address -Social Security number -Medical record number -Vehicle identifier -Full face photograph
The Notice of Privacy Practices should be... - correct answer- In a written language, tape, or video that the patient understands, be clearly posted in the practice or facility, and if applicable, on the practice website.
Fraud - correct answer- the intentional deception or misrepresentation that an individual knows to be false or does not believe to be true and makes, knowing that the deception could result in some unauthorized benefit to himself/herself or some other person. ex. Billing for services that were not furnished and/or supplies that were not provided