Chat with AI
Deck 8: Privacy, Security, and Fraud
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/50
Play
Full screen (f)
Deck 8: Privacy, Security, and Fraud
1
A breach under HIPAA:
A) is an unauthorized acquisition, access, use, or disclosure of personal health information
B) is a use of a firewall
C) is the transfer of records by email
D) is an unauthorized use of the medical record that is not disclosed
E) is similar to meaningful use
A) is an unauthorized acquisition, access, use, or disclosure of personal health information
B) is a use of a firewall
C) is the transfer of records by email
D) is an unauthorized use of the medical record that is not disclosed
E) is similar to meaningful use
is an unauthorized acquisition, access, use, or disclosure of personal health information
2
How many HIPAA defined permissions exist?
A) three
B) four
C) five
D) six
E) seven
A) three
B) four
C) five
D) six
E) seven
six
3
Which HIPAA standard requires that all providers secure a national provider number?
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
Standard 4
4
What is the reason for most breaches of confidentiality?
A) lost or stolen computer device
B) technical glitch
C) criminal attack
D) employee mistake
E) third-party error
A) lost or stolen computer device
B) technical glitch
C) criminal attack
D) employee mistake
E) third-party error
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
5
The use of the EHR to improve quality, engage patients, improve care coordination and maintain privacy and security is known as:
A) disaster planning
B) complex medical decision making
C) meaningful firewalls
D) meaningful use
E) meaningful coding
A) disaster planning
B) complex medical decision making
C) meaningful firewalls
D) meaningful use
E) meaningful coding
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
6
Which HIPAA standard requires providers and their business associates to put in place policies and procedures that ensure privacy of the health record?
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
7
Which HIPAA standard requires providers to use specific code sets?
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
8
Which HIPAA standard requires providers to protect electronically transmitted and otherwise stored personal health information?
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
A) Standard 1
B) Standard 2
C) Standard 3
D) Standard 4
E) Standard 5
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
9
The difference between an electronic medical record (EMR) and an electronic health record (EHR) is:
A) EMRs are protected by HIPAA, EHRs are not
B) EHRs are protected by HIPAA and EMRs are not
C) the EMR is a record from a single provider, an EHR is a more comprehensive record from all providers of care
D) the EHR is a record from a single provider, an EMR is a more comprehensive record from all providers of care
E) EMRs exist in written form; EHRs do not exist in written form
A) EMRs are protected by HIPAA, EHRs are not
B) EHRs are protected by HIPAA and EMRs are not
C) the EMR is a record from a single provider, an EHR is a more comprehensive record from all providers of care
D) the EHR is a record from a single provider, an EMR is a more comprehensive record from all providers of care
E) EMRs exist in written form; EHRs do not exist in written form
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
10
The first federal law to specifically deal with the privacy of health care records was:
A) Electronic Communication Privacy Act
B) Gramm-Leach-Bliley Act
C) Health Insurance Portability and Accountability Act
D) Computer Abuse Amendments Act
E) Patient Safety and Quality Improvement Act
A) Electronic Communication Privacy Act
B) Gramm-Leach-Bliley Act
C) Health Insurance Portability and Accountability Act
D) Computer Abuse Amendments Act
E) Patient Safety and Quality Improvement Act
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
11
While privacy is not directly expressed in the amendments to the Constitution, which of the following is one of the amendments that the U.S. Supreme Court has used to cover privacy issues?
A) Second
B) Third
C) Sixth
D) Eighth
E) Fifteenth
A) Second
B) Third
C) Sixth
D) Eighth
E) Fifteenth
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
12
Which of the following court cases first declared that a constitutional right to privacy was implied?
A) Griswold v. Connecticut
B) OPIS v. Florida Agency for Health Care Administration
C) Roe v. Wade
D) Board of Education v. Earls
E) Eisenstadt v. Baird
A) Griswold v. Connecticut
B) OPIS v. Florida Agency for Health Care Administration
C) Roe v. Wade
D) Board of Education v. Earls
E) Eisenstadt v. Baird
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
13
Which of the following statements is true about HIPAA Standard 2?
A) All providers must have a unique identifier number for submittal of claims for payment.
B) All providers must have policies to secure health records from unauthorized disclosures.
C) Protected Health Information (PHI) covers only electronic records.
D) Protected Health Information (PHI) covers only written c records.
E) Protected Health Information (PHI) is any written, spoken, or electronic form.
A) All providers must have a unique identifier number for submittal of claims for payment.
B) All providers must have policies to secure health records from unauthorized disclosures.
C) Protected Health Information (PHI) covers only electronic records.
D) Protected Health Information (PHI) covers only written c records.
E) Protected Health Information (PHI) is any written, spoken, or electronic form.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
14
A patient believes her privacy rights have been violated by a local hospital. Under HIPAA, the patient:
A) may immediately file a lawsuit in federal court
B) may immediately file a lawsuit in a small claims court
C) must first file a written complaint with the local medical society
D) must first file a written complaint with the local district attorney
E) must first file a written complaint with the Secretary of Health and Human Services through the Office of Civil Rights
A) may immediately file a lawsuit in federal court
B) may immediately file a lawsuit in a small claims court
C) must first file a written complaint with the local medical society
D) must first file a written complaint with the local district attorney
E) must first file a written complaint with the Secretary of Health and Human Services through the Office of Civil Rights
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
15
Which of the following is the term used to describe the protection that should be in place to protect the electronic health or medical record from outside intrusion?
A) encoding
B) service provider
C) hardware
D) software
E) firewall
A) encoding
B) service provider
C) hardware
D) software
E) firewall
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
16
A provider may release information about a victim of abuse, neglect, or domestic violence under which permission of HIPAA?
A) treatment, payment, or health care operations
B) incidental use
C) public interest and benefit activities
D) limited data set
E) disclosures with opportunity to agree or object
A) treatment, payment, or health care operations
B) incidental use
C) public interest and benefit activities
D) limited data set
E) disclosures with opportunity to agree or object
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
17
A permission is defined as:
A) a request for records
B) a covered entity
C) a de-identifier
D) a reason under HIPAA to delete the record
E) a reason under HIPAA for disclosing patient information
A) a request for records
B) a covered entity
C) a de-identifier
D) a reason under HIPAA to delete the record
E) a reason under HIPAA for disclosing patient information
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
18
ProPublica surveyed hospitals about health record security. What percentage of hospitals surveyed indicated that they were using cloud-based services?
A) 47 percent
B) 51 percent
C) 63 percent
D) 81 percent
E) 91 percent
A) 47 percent
B) 51 percent
C) 63 percent
D) 81 percent
E) 91 percent
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
19
Which of the following court cases held that federal privacy laws like HIPAA may preempt stricter state privacy laws?
A) Griswold v. Connecticut
B) OPIS v. Florida Agency for Health Care Administration
C) Roe v. Wade
D) Board of Education v. Earls
E) Eisenstadt v. Baird
A) Griswold v. Connecticut
B) OPIS v. Florida Agency for Health Care Administration
C) Roe v. Wade
D) Board of Education v. Earls
E) Eisenstadt v. Baird
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
20
In a physician's office, a sign-in sheet is permissible to use as long as
A) the receptionist immediately crosses off the name.
B) the sign-in sheet is a peel-off label for each patient.
C) the actual time of the appointment is not recorded.
D) you do not ask for the reason for the visit.
E) the patient signs their name, and doesn't just print it.
A) the receptionist immediately crosses off the name.
B) the sign-in sheet is a peel-off label for each patient.
C) the actual time of the appointment is not recorded.
D) you do not ask for the reason for the visit.
E) the patient signs their name, and doesn't just print it.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
21
The federal agency charged with fighting waste, fraud, and abuse in Medicare, Medicaid, and 300 other Health and Human Services programs is the:
A) Department of Justice
B) Office of the HHS Secretary
C) Office of the Inspector General
D) Office of Civil Rights
E) Office of the Attorney General
A) Department of Justice
B) Office of the HHS Secretary
C) Office of the Inspector General
D) Office of Civil Rights
E) Office of the Attorney General
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
22
Identify the four standards found in HIPAA.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
23
Under the Patient Protection and Affordable Care Act of 2010, insurance companies must do all of the following except:
A) phase out annual and lifetime limits to coverage
B) no longer limit or deny coverage to patients under 19 with preexisting conditions
C) phase out arbitrary withdrawals of insurance coverage
D) remove insurance company barriers to emergency service
E) cover children up to age 30 on their parents' health insurance policy
A) phase out annual and lifetime limits to coverage
B) no longer limit or deny coverage to patients under 19 with preexisting conditions
C) phase out arbitrary withdrawals of insurance coverage
D) remove insurance company barriers to emergency service
E) cover children up to age 30 on their parents' health insurance policy
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
24
From October 2009 through November 2013, how many complaints about security breaches were filed with the Office of Civil Rights?
A) 569
B) 768
C) 867
D) 985
E) over 1,000
A) 569
B) 768
C) 867
D) 985
E) over 1,000
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
25
What does the term de-identify mean under HIPAA?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
26
Before filing a lawsuit, what must a patient do when they believe their health information privacy has been violated?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
27
Which law made significant changes to provisions in the Health Insurance Portability and Accountability Act?
A) Patient Protection and Affordable Care Act
B) Health Care and Education Reconciliation Act
C) Patient Safety and Quality Improvement Act
D) American Recovery and Reinvestment Act
E) Gramm-Leach-Bliley Act
A) Patient Protection and Affordable Care Act
B) Health Care and Education Reconciliation Act
C) Patient Safety and Quality Improvement Act
D) American Recovery and Reinvestment Act
E) Gramm-Leach-Bliley Act
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
28
Under the Federal False Claims Act, a citizen may:
A) file a claim on behalf of the federal government for false claims made for payment of health services
B) pay someone else's medical bill
C) file criminal charges against someone who has filed false claims
D) repay claims made erroneously
E) file a claim alleging violations of privacy
A) file a claim on behalf of the federal government for false claims made for payment of health services
B) pay someone else's medical bill
C) file criminal charges against someone who has filed false claims
D) repay claims made erroneously
E) file a claim alleging violations of privacy
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
29
HIPAA allows a state preemption. What does that mean?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
30
The Health Information Technology for Economic and Clinical Health Act (HITECH) was part of what other law?
A) Patient Protection and Affordable Care Act
B) Health Care and Education Reconciliation Act
C) Patient Safety and Quality Improvement Act
D) American Recovery and Reinvestment Act
E) Gramm-Leach-Bliley Act
A) Patient Protection and Affordable Care Act
B) Health Care and Education Reconciliation Act
C) Patient Safety and Quality Improvement Act
D) American Recovery and Reinvestment Act
E) Gramm-Leach-Bliley Act
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
31
What is the difference between an electronic medical record (EMR) and an electronic health record (EHR)?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
32
An orthopedic surgeon refers his patients to a radiology facility owned by his brother. What law is potentially being violated?
A) Federal Anti-Kickback law
B) Stark Law
C) Federal False Claims Act
D) HIPAA
E) HITECH
A) Federal Anti-Kickback law
B) Stark Law
C) Federal False Claims Act
D) HIPAA
E) HITECH
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
33
Which of the following is not a reason that Medicare fraud is difficult to estimate?
A) Health care claims are destroyed after two years.
B) Fraud is hard to detect.
C) Sometimes a claim is partially fraudulent and partially accurate.
D) Dollar amounts spent in a single incident of fraud are increasing.
E) Statistics from prior years are not always accurate.
A) Health care claims are destroyed after two years.
B) Fraud is hard to detect.
C) Sometimes a claim is partially fraudulent and partially accurate.
D) Dollar amounts spent in a single incident of fraud are increasing.
E) Statistics from prior years are not always accurate.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
34
What is Protected Health Information (PHI)?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
35
According to the GAO, the amount of improper payments to providers from Medicare fee-for-service plans in 2011 was:
A) $2.4 billion
B) $8.6 billion
C) $18.2 billion
D) $22.5 billion
E) $28.8 billion
A) $2.4 billion
B) $8.6 billion
C) $18.2 billion
D) $22.5 billion
E) $28.8 billion
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
36
What does the term "meaningful use" refer to in health care?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
37
Identify the six HIPAA defined permissions.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
38
Which of the following statements is true about the Patients' Bill of Rights?
A) The Patients' Bill of Rights is the fifteenth amendment to the U.S. Constitution.
B) The Patients' Bill of Rights is part of HITECH.
C) No one universal government statute exists.
D) The American Hospital Association has a Patients' Bill of Rights that became federal law.
E) The Bipartisan Patient Protection Act of 2001 was passed as a Patients' Bill of Rights.
A) The Patients' Bill of Rights is the fifteenth amendment to the U.S. Constitution.
B) The Patients' Bill of Rights is part of HITECH.
C) No one universal government statute exists.
D) The American Hospital Association has a Patients' Bill of Rights that became federal law.
E) The Bipartisan Patient Protection Act of 2001 was passed as a Patients' Bill of Rights.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
39
What is a permission under HIPAA?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
40
What was the first federal law that covered privacy and security for health care information?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
41
What is the Criminal Health Care Fraud Statute?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
42
What is the difference between the Federal Anti-Kickback Law and the Stark Law?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
43
Identify the five steps to ensure compliance with HIPAA standards to avoid security breaches.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
44
What is the purpose of the Federal INCORRECT Claims Act?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
45
What is a firewall?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
46
What is a breach under HIPAA?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
47
Give several examples of how the Health Information Technology for Economic and Clinical Health Act (HITECH) strengthened privacy and security.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
48
Describe patients' rights to be provided by insurance companies as defined by the Patient Protection and Affordable Care Act.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
49
Describe the Patients' Bill of Rights as adopted by Congress.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
50
Identify the major ways that breaches of information happen.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
