ExamGecko
Search Search Login
Home Home / ISC / HCISPP

ISC HCISPP Practice Test - Questions Answers, Page 19

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following statements is NOT correct?
DRAG DROP During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant. What is the best approach for the CISO? Below are the common phases to creating a Business Continuity/Disaster Recovery (BC/DR) plan. Drag the remaining BC\DR phases to the appropriate corresponding location.
If you see other staff violating privacy policies you should?
The First Blue Cross plan was given to teachers at Baylor University allowing them 21 days of hospital care at six dollars a year.
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
Substance abuse regulations do not allow disclosure with a subpoena unless a court has issued an order following a show cause hearing.
You receive a call from staff at a local hospital stating that they need information regarding a former client of yours who is scheduled for surgery. They fax you a release of information form which only authorizes the release of medications but the person on the phone is asking for dates of treatment and diagnoses. How would you respond?
You always abide by the HIPAA privacy rule.
The criminal penalties for improperly disclosing patient health information can be as high as fines of $250,000 and prison sentences of up to 10 years.

Question 181

Report
Export
Collapse

HIPAA requires a response and reporting of security incidents. What is required when an organization has an attempted unauthorized access of protected health information?

A.
HIPAA must be notified
A.
HIPAA must be notified
Answers
B.
Nothing is required of an attempted unauthorized access
B.
Nothing is required of an attempted unauthorized access
Answers
C.
The organization must respond and notify the appropriate parties
C.
The organization must respond and notify the appropriate parties
Answers
D.
Federal authorities must be notified
D.
Federal authorities must be notified
Answers
Suggested answer: C

Explanation:

When an organization has an attempted unauthorized access of protected health information the organization must respond and notify the appropriate parties.

Explanation:

Question 182

Report
Export
Collapse

Under Title II of The Health Insurance Portability and Accountability Act, the administrative simplification provision:

A.
Forbids individual health plans from denying coverage or imposing preexisting condition exclusions
A.
Forbids individual health plans from denying coverage or imposing preexisting condition exclusions
Answers
B.
Creates opportunities for fraud and abuse within the health care system
B.
Creates opportunities for fraud and abuse within the health care system
Answers
C.
Requires the establishment of national standards for electronic health care transactions
C.
Requires the establishment of national standards for electronic health care transactions
Answers
D.
Protects health insurance coverage for workers and their families
D.
Protects health insurance coverage for workers and their families
Answers
Suggested answer: C

Explanation:

Title II of HIPAA, the Administrative Simplification provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.

Explanation:

Question 183

Report
Export
Collapse

What data-related concept identifies or characterizes entities and events in a manner that facilitates an administrative process?

A.
Non-medical or Administrative Code Sets
A.
Non-medical or Administrative Code Sets
Answers
B.
Data Mapping
B.
Data Mapping
Answers
C.
Medical or Clinical Code Sets
C.
Medical or Clinical Code Sets
Answers
D.
Data Elements
D.
Data Elements
Answers
Suggested answer: A

Explanation:

Non-medical or Administrative Code Sets identify or characterize entities and events in a manner that facilitates an administrative process.

Explanation:

Question 184

Report
Export
Collapse

Title I of The Health Insurance Portability and Accountability Act protects:

A.
Electronic health care transactions
A.
Electronic health care transactions
Answers
B.
Client's medical records
B.
Client's medical records
Answers
C.
Restrictions that a group health plan can place on benefits for preexisting conditions
C.
Restrictions that a group health plan can place on benefits for preexisting conditions
Answers
D.
Health insurance coverage for workers and their families
D.
Health insurance coverage for workers and their families
Answers
Suggested answer: D

Explanation:

Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title I prohibits any group health plan from creating eligibility rules or assessing premiums for individuals in the plan based on health status, medical history, genetic information, or disability. Title I also limits restrictions that a group health plan can place on benefits for preexisting conditions.

Explanation:

Question 185

Report
Export
Collapse

Do the same requirements apply to both medical records and mental health records?

A.
No, a client is not allowed to have access to any part of a mental health record, with or without psychotherapy notes
A.
No, a client is not allowed to have access to any part of a mental health record, with or without psychotherapy notes
Answers
B.
Generally, including conditioning enrollment in a plan on the client granting authorization for disclosure of psychotherapy notes
B.
Generally, including conditioning enrollment in a plan on the client granting authorization for disclosure of psychotherapy notes
Answers
C.
Yes, and client is entitled to all of the same information in both settings
C.
Yes, and client is entitled to all of the same information in both settings
Answers
D.
Generally, psychotherapy notes are not included in the provision that allows clients to see and copy their health information
D.
Generally, psychotherapy notes are not included in the provision that allows clients to see and copy their health information
Answers
Suggested answer: D

Explanation:

Both medical records and mental health records have generally the same requirements, however, psychotherapy notes are not included in the provision that allows clients to see and copy their health information.

Explanation:

Question 186

Report
Export
Collapse

HIPAA's Administrative Simplification procedures were prompted by the desire to:

A.
Reduce administrative overhead in provider-payer transactions
A.
Reduce administrative overhead in provider-payer transactions
Answers
B.
Simplify administrative functions such as payroll and benefits
B.
Simplify administrative functions such as payroll and benefits
Answers
C.
Create multiple forms for various transactions
C.
Create multiple forms for various transactions
Answers
D.
Add more details to the processing of electronic transactions
D.
Add more details to the processing of electronic transactions
Answers
Suggested answer: A

Explanation:

HIPAA's Administrative Simplification procedures were prompted by the desire to reduce administrative overhead in provider-payer transactions. By having one form for each type of transaction, the chances of doing the transactions electronically and semi-automating the process are improved.

Explanation:

Question 187

Report
Export
Collapse

___________ is one of the main objectives of HIPAA.

A.
Secrecy
A.
Secrecy
Answers
B.
Accountability
B.
Accountability
Answers
C.
Anonymity
C.
Anonymity
Answers
D.
ComplexityCorrect
D.
ComplexityCorrect
Answers
Suggested answer: B

Explanation:

Accountability

Answer: B

Explanation:

The main objectives of HIPAA are Accountability (reduce waste, fraud, and abuse; new penalties will be imposed), Insurance Reform (continuity and portability of health insurance, providing limits on preexisting provisions), and

Administrative simplification (standards on electronic data transactions in a confidential and secure manner).

Explanation:

Question 188

Report
Export
Collapse

If a medical entity is in compliance with the Division of Medical Assistance's (DMA's) Health Data Marketing Guidelines, is the entity in compliance with HIPAA guidelines?

A.
No. HIPAA is law while DMA guidelines are not law, and require less than HIPAA
A.
No. HIPAA is law while DMA guidelines are not law, and require less than HIPAA
Answers
B.
Yes. HIPAA is federal law and DMA is state law, which is usually more restrictive, and the more restrictive standard should be met.
B.
Yes. HIPAA is federal law and DMA is state law, which is usually more restrictive, and the more restrictive standard should be met.
Answers
C.
No. HIPAA law is federal and DMA law is state, so HIPAA supersedes DMA law.
C.
No. HIPAA law is federal and DMA law is state, so HIPAA supersedes DMA law.
Answers
D.
Yes. DMA's guidelines are stricter and will supersede those minimum standards of HIPAA.
D.
Yes. DMA's guidelines are stricter and will supersede those minimum standards of HIPAA.
Answers
Suggested answer: A

Explanation:

If a medical entity is in compliance with the Division of Medical Assistance's (DMA's) Health Data Marketing Guidelines, they are not in compliance with HIPAA guidelines because HIPAA is law while DMA guidelines are not, requiring less than HIPAA.

Explanation:

Question 189

Report
Export
Collapse

If a client requests a restriction for disclosure of a certain part of their PHI to a health plan, the health care provider is:

A.
Required to agree to the requested restriction if the disclosure is for treatment or payment, is not required by law, and if the information is specifically related to a health care item or service that the client has paid for in full
A.
Required to agree to the requested restriction if the disclosure is for treatment or payment, is not required by law, and if the information is specifically related to a health care item or service that the client has paid for in full
Answers
B.
Required to agree only if the client specifies why he/she wants the restriction
B.
Required to agree only if the client specifies why he/she wants the restriction
Answers
C.
Required to agree only if the client specifies who he/she wants the restriction to apply to
C.
Required to agree only if the client specifies who he/she wants the restriction to apply to
Answers
D.
Required to agree to the requested restriction
D.
Required to agree to the requested restriction
Answers
Suggested answer: A

Explanation:

A client can request a restriction of a certain part of their medical record for treatment, payment, and healthcare options. The client can also request restriction of medical information to people involved in their care (i.e., friends and family).

The client should specify why he/she wants the restriction and who he/she wants the restriction to apply to. Under the "Final Rule" for HIPAA issued in 2013, a client can request to restrict disclosures of their health information and that request has to be granted by the provider if 1) the disclosure is for treatment or payment, 2) the disclosure is not required by law, and 3) the information is specifically related to a healthcare item or service that the client has paid for in full.

Explanation:

Question 190

Report
Export
Collapse

February 17, 2010 was the effective date for updated changes to HIPAA triggered by the Health Information Technology for Economic and Clinical Health Act (HITECH). As part of HITECH, what must providers who have clients who opt to self-pay do when those clients request the provider not inform their health care insurance provider?

A.
The provider has the option to not disclose the information to the health care insurance provider
A.
The provider has the option to not disclose the information to the health care insurance provider
Answers
B.
The provider must disclose the information anyway to the heath care insurance provider
B.
The provider must disclose the information anyway to the heath care insurance provider
Answers
C.
The provider must not disclose the information to the health care insurance provider
C.
The provider must not disclose the information to the health care insurance provider
Answers
D.
The provider must have the client sign a waiver freeing the provider from the compulsion to report to the provider
D.
The provider must have the client sign a waiver freeing the provider from the compulsion to report to the provider
Answers
Suggested answer: C

Explanation:

The provider must not disclose the information to the health care provider under the new rules.

Previously, the provider's compliance with the request was optional under HIPAA guidelines.

Explanation:

Total 305 questions
Go to page: of 31
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms