Chat with AI
Deck 8: Confidentiality and Compliance
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/40
Play
Full screen (f)
Deck 8: Confidentiality and Compliance
1
During litigation, who is responsible for certification of medical records?
A) privacy offer
B) security officer
C) provider
D) custodian
A) privacy offer
B) security officer
C) provider
D) custodian
custodian
2
Which is an element of a valid subpoena that HIM staff should recognize when following the subpoena process?
A) Name of the judge who authorized the subpoena
B) Proof of identity of the patient whose record is being subpoenaed
C) Docket number of the case
D) Reason for litigation, such as alleged malpractice
A) Name of the judge who authorized the subpoena
B) Proof of identity of the patient whose record is being subpoenaed
C) Docket number of the case
D) Reason for litigation, such as alleged malpractice
Docket number of the case
3
What part of the U.S. Constitution invalidates any local, state, or federal laws that conflicts with the Constitution?
A) The Preamble
B) The Bill of Rights
C) The Emoluments Clause
D) The Supremacy Clause
A) The Preamble
B) The Bill of Rights
C) The Emoluments Clause
D) The Supremacy Clause
The Supremacy Clause
4
Which type of subpoena compels a person to testify?
A) Subpoena duces tecum
B) Subpoena ad litem
C) Subpoena ad testificandum
D) Subpoena respondeat superior
A) Subpoena duces tecum
B) Subpoena ad litem
C) Subpoena ad testificandum
D) Subpoena respondeat superior
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
5
Posting about a patient's health on social media would be which tort?
A) libel
B) slander
C) invasion of privacy
D) defamation
A) libel
B) slander
C) invasion of privacy
D) defamation
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
6
Which is the crime of the threat of harming another person?
A) Assault
B) Battery
C) Kickback
D) Defamation
A) Assault
B) Battery
C) Kickback
D) Defamation
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
7
A physician's brother is a speech pathologist, so the physician refers patients to him for services. Which law is the physician breaking?
A) False Claims Act
B) Sunshine Act
C) Stark Law
D) The Health Insurance Portability and Accountability Act
A) False Claims Act
B) Sunshine Act
C) Stark Law
D) The Health Insurance Portability and Accountability Act
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
8
Upcoding is which crime?
A) fraud
B) battery
C) tort
D) defamation
A) fraud
B) battery
C) tort
D) defamation
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
9
A patient complains that they do not agree with certain information in their designated record set and asks to make an amendment. Your current Patient Rights Policy and Procedure on Access to Personal Health Records, as required under HIPAA, states that the patient must be provided with an amendment/correction form. The patient completes the form. What should be the next step, under HIPAA, in your Policy and Procedure?
A) Contact the physician whose documentation the patient disagrees with and request the physician to make an amendment to the patient's record.
B) Review the amendment/correction form and respond to the patient within 60 days, either accepting or denying the amendment.
C) Require the patient to provide documentation proving their identity and, if the documentation is valid, enter the amendment/correction form into the patient's record, noting the date of entry.
D) Assist the patient by filing the amendment/completion form with the U. S. Department of Health and Human Services (DHHS) and the Office of Civil Rights, ensuring their complaint is heard.
A) Contact the physician whose documentation the patient disagrees with and request the physician to make an amendment to the patient's record.
B) Review the amendment/correction form and respond to the patient within 60 days, either accepting or denying the amendment.
C) Require the patient to provide documentation proving their identity and, if the documentation is valid, enter the amendment/correction form into the patient's record, noting the date of entry.
D) Assist the patient by filing the amendment/completion form with the U. S. Department of Health and Human Services (DHHS) and the Office of Civil Rights, ensuring their complaint is heard.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
10
Which would be known as a business associate under the HIPAA guidelines?
A) The laundry service that picks up and drops off scrub sets.
B) The clinical laboratory where the medical office sends specimens.
C) The vendor that supplies water and snacks for the medical office.
D) The company that services the elevator.
A) The laundry service that picks up and drops off scrub sets.
B) The clinical laboratory where the medical office sends specimens.
C) The vendor that supplies water and snacks for the medical office.
D) The company that services the elevator.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
11
The nurse is curious why his sister-in-law, who is the patient of a provider at a different branch of the health care organization, has so many doctor's appointments. Is it legal for him to look at her health record? Why or why not?
A) No, because health information is only disclosed to those who need it to care for the patient.
B) No, because nurses cannot access medical records without permission from a provider.
C) Yes, because the nurse is a family member.
D) Yes, because the nurse is an employee of the same health care organization.
A) No, because health information is only disclosed to those who need it to care for the patient.
B) No, because nurses cannot access medical records without permission from a provider.
C) Yes, because the nurse is a family member.
D) Yes, because the nurse is an employee of the same health care organization.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
12
What form authorizes the provider to treat the patient?
A) informed consent
B) advance directive
C) Conditions of Admission
D) accounting of disclosures
A) informed consent
B) advance directive
C) Conditions of Admission
D) accounting of disclosures
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
13
HIM staff overseeing release of information know they must comply with two types of required disclosures under the HIPAA Privacy Rule, which are:
A) to the individual who is the subject of the information, and for treatment, payment, or health care operations.
B) for public priority purposes (breeches), and to the secretary of the DHHS for purposes of determining compliance.
C) for treatment, payment or health care operations, and for public priority purposes (epidemics).
D) to the individual who is the subject of the information, and to the secretary of the DHHS for purposes of determining compliance.
A) to the individual who is the subject of the information, and for treatment, payment, or health care operations.
B) for public priority purposes (breeches), and to the secretary of the DHHS for purposes of determining compliance.
C) for treatment, payment or health care operations, and for public priority purposes (epidemics).
D) to the individual who is the subject of the information, and to the secretary of the DHHS for purposes of determining compliance.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
14
Which is a way the HITECH Act strengthened Health Insurance Portability and Accountability Act (HIPAA) regulations?
A) it required all health records be subject to the business record rule
B) it required plain language for all Notice of Privacy Practices (NPP) documents
C) it required the information disclosed from one covered entity to another for health care operations to be limited to the minimum necessary
D) it required the use of the electronic health record (EHR) among providers who meet a threshold of annual revenues or discharges
A) it required all health records be subject to the business record rule
B) it required plain language for all Notice of Privacy Practices (NPP) documents
C) it required the information disclosed from one covered entity to another for health care operations to be limited to the minimum necessary
D) it required the use of the electronic health record (EHR) among providers who meet a threshold of annual revenues or discharges
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
15
An insurance company may obtain patient records by all of the following, EXCEPT:
A) prospective consent under the conditions of admission.
B) by subpoena for disclosure of chemical dependency information.
C) prospective consent obtained when the patient became insured.
D) retrospective consent obtained after the patient is discharged.
A) prospective consent under the conditions of admission.
B) by subpoena for disclosure of chemical dependency information.
C) prospective consent obtained when the patient became insured.
D) retrospective consent obtained after the patient is discharged.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
16
The Notice of Privacy Practices is provided to the patient prior to each admission and contains all of the following required information, EXCEPT:
A) the facility's privacy policies.
B) the physician's signature.
C) discussion of how the facility discloses patient information.
D) the privacy officer contact information.
A) the facility's privacy policies.
B) the physician's signature.
C) discussion of how the facility discloses patient information.
D) the privacy officer contact information.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
17
Which is a violation of patient confidentiality?
A) reporting cases of abuse, neglect, or domestic violence without patient consent
B) discussing patient care in the provider's office
C) writing the patient's allergies on the folder or binder outside the room where anyone can see
D) using the EHR in a place where passers-by could see the monitor
A) reporting cases of abuse, neglect, or domestic violence without patient consent
B) discussing patient care in the provider's office
C) writing the patient's allergies on the folder or binder outside the room where anyone can see
D) using the EHR in a place where passers-by could see the monitor
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
18
Which term describes the right of the individual to control access to information?
A) Privacy
B) Confidentiality
C) Physician-patient privilege
D) Security
A) Privacy
B) Confidentiality
C) Physician-patient privilege
D) Security
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
19
If the patient refuses to authorize disclosure, the release of which kind of health information requires a court order rather than a subpoena?
A) terminal diagnosis
B) chemical dependency
C) sexual orientation
D) demographics
A) terminal diagnosis
B) chemical dependency
C) sexual orientation
D) demographics
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
20
A patient may be denied access to his or her own health record:
A) if the patient is terminally ill.
B) if the patient is a felon.
C) if the provider believes the information would be harmful to the patient.
D) if the provider prefers to exercise professional privilege.
A) if the patient is terminally ill.
B) if the patient is a felon.
C) if the provider believes the information would be harmful to the patient.
D) if the provider prefers to exercise professional privilege.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
21
Which is reported to public health agencies?
A) cases of rabies
B) knife wounds
C) transfusions
D) cases of chickenpox
A) cases of rabies
B) knife wounds
C) transfusions
D) cases of chickenpox
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
22
Even though, legally, the facility may disclose health information without patient authorization for reimbursement, it is common practice for Patient Access to have patients to sign a ____________________ form authorizing the release of PHI to financially responsible parties.
A) Conditions of Admission
B) informed consent
C) accounting of disclosures
D) continuity of care
A) Conditions of Admission
B) informed consent
C) accounting of disclosures
D) continuity of care
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
23
If a facility is purchased by a new owner, what happens to the health records?
A) they are destroyed
B) they are returned to patients
C) they become the property of the new owner
D) they are sent to offsite storage
A) they are destroyed
B) they are returned to patients
C) they become the property of the new owner
D) they are sent to offsite storage
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
24
Policies and procedures should include specific language regarding the sensitivity of health information pertaining to which patients?
A) Facility employees
B) Behavioral health patients
C) Celebrity patients
D) Law enforcement patients
A) Facility employees
B) Behavioral health patients
C) Celebrity patients
D) Law enforcement patients
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
25
The purpose of TJC Steering Committee is:
A) risk management
B) release of information (ROI)
C) disaster planning
D) compliance with accreditation standards
A) risk management
B) release of information (ROI)
C) disaster planning
D) compliance with accreditation standards
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
26
How does accreditation differ from licensure?
A) Accreditation is voluntary.
B) Licensure is voluntary.
C) Licensure does not require site surveys.
D) Accreditation does not require site surveys.
A) Accreditation is voluntary.
B) Licensure is voluntary.
C) Licensure does not require site surveys.
D) Accreditation does not require site surveys.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
27
A type of record review in which The Joint Commission monitors how health care is being delivered and documented in "real time" is called
A) designated record set
B) site survey
C) tracer methodology
D) retention
A) designated record set
B) site survey
C) tracer methodology
D) retention
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
28
Who conducts mock surveys to prepare for a Joint Commission visit?
A) the Office of the Inspector General (OIG)
B) site surveyors
C) risk managers
D) TJC Steering Committee members
A) the Office of the Inspector General (OIG)
B) site surveyors
C) risk managers
D) TJC Steering Committee members
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
29
To prepare for unexpected events such as a bomb threat, hurricane, or flood, The Joint Commission requires a(n):
A) record review
B) retention schedule
C) disaster plan
D) Blue Button Pledge
A) record review
B) retention schedule
C) disaster plan
D) Blue Button Pledge
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
30
A potentially compensable event (PCE) is documented in the
A) health record
B) risk management binder
C) incident report
D) sensitive records binder
A) health record
B) risk management binder
C) incident report
D) sensitive records binder
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
31
To prevent accidental destruction, health records and computer systems are often kept in a(n):
A) fire compartment
B) water compartment
C) safe room
D) secret location
A) fire compartment
B) water compartment
C) safe room
D) secret location
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
32
In civil law, the _____________ brings a lawsuit against the defendant.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
33
A(n) _________ is a law that has been passed by the legislative branch of government.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
34
Many HIM professionals serve as the _____________, the designated official in the health care organization who oversees privacy compliance and handles complaints as required by the Health Insurance Portability and Accountability Act (HIPAA).
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
35
Only the _________________ may waive the right to physician-patient privilege.
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
36
Match the following terms with their descriptions:
-carelessness or lack of foresight that leads to harm
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
-carelessness or lack of foresight that leads to harm
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
37
Match the following terms with their descriptions:
-failure to provider competent medical care that leads to harm
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
-failure to provider competent medical care that leads to harm
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
38
Match the following terms with their descriptions:
-A change to the original document.
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
-A change to the original document.
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
39
Match the following terms with their descriptions:
-A specific portion of the patient's health information, consisting of medical records, reimbursement and payer information, and other information used to make health care decisions, all of which may be accessed by the patient under HIPAA provisions.
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
-A specific portion of the patient's health information, consisting of medical records, reimbursement and payer information, and other information used to make health care decisions, all of which may be accessed by the patient under HIPAA provisions.
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
40
Match the following terms with their descriptions:
-An event that could trigger litigation of cause financial harm
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
-An event that could trigger litigation of cause financial harm
A) Amendment
B) Right to revoke
C)Accounting of disclosures
D) Notice of privacy practices
E) Right to complain
F) Designated record set
G) Malpractice
H) Negligence
I) potentially compensable event (PCE)
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 40 flashcards in this deck.
