HIO-201 Online Practice Questions and Answers

This final security rule standard addresses encryption of data,

A. Security Management Process

B. Device and Media Controls

C. Information Access Management

D. Audit Controls

E. Transmission Security

The transaction number assigned to the Health Care Claim Payment/Advice transaction is:

A. 270

B. 276

C. 834

D. 835

E. 837

Select the correct statement regarding the 834 - Benefit Enrollment and Maintenance transaction.

A. It cannot be used to transfer enrollment information from a plan sponsor to a health care insurance company or other benefit provider.

B. It can be used by a health insurance company to notify a plan sponsor that it has dropped one of its members.

C. It cannot be used to enroll, update, or dis-enroll employees and dependents in a health plan.

D. A sponsor can be an employer, insurance agency, association or government agency but unions are excluded from being plan sponsors

E. It can be used in either update or full replacement mode.

The Privacy Rule gives patients the following right

A. Access to the psychotherapy notes.

B. Request an amendment to their medical record.

C. Receive a digital certificate.

D. See an accounting of disclosures for which authorization was given.

E. The use of a smart card for accessing their records.

The Privacy Rule's penalties for unauthorized disclosure:

A. Imposes fines and imprisonment as civil penalties for violations.

B. Limits penalties to covered entities and their business associates.

C. Imposes criminal penalties for noncompliance with standards.

D. Limits imprisonment to a maximum often years.

E. Is $1000 per event of disclosure.

Which one of the following implementation specifications is associated with the Facility Access Control standard?

A. Integrity Controls

B. Emergency Access Procedure

C. Access Control and Validation Procedures

D. Security Reminders

E. Security Policy

The code set that must be used to describe or identify dentists services and procedures is:

A. lcD-9-cM, Volumes 1 and 2

B. CPT-4

C. CDT

D. ICD-9-CM, Volume 3

E. HCPCS

Within the context of a transaction set, the fields that comprise a hierarchical level are referred to as a(n):

A. Loop

B. Enumerator.

C. Identifier.

D. Data segment.

E. Code set.

Information in this transaction is generated by the payer's adjudication system:

A. Eligibility (2701271)

B. Premium Payment 2O)

C. Unsolicited Claim Status (277)

D. Remittance Advice 35)

E. Functional Acknowledgment (997)

The key objective of a contingency plan is that the entity must establish and implement policies and procedures to ensure The:

A. Creation and modification of health information during and after an emergency.

B. Integrity of health information during and after an emergency.

C. Accountability of health information during and after an emergency.

D. Vulnerability of health information during and after an emergency.

E. Non-repudiation of the entity.

A key date in the transaction rule timeline is:

A. October 16, 2003 -- small health plans to begin testing without ASCA extension

B. October 16, 2004 -- full compliance deadline for small health plans

C. April 16, 2004 -- small health plans to begin testing with ASCA extension

D. April 16, 2003 - deadline to begin testing with ASCA extension

E. April 14, 2003; deadline to begin testing with the ASCA extension.

Select the FALSE statement regarding violations of the HIPAA Privacy rule.

A. Covered entities that violate the standards or implementation specifications will be subjected to civil penalties of up to $100 per violation except that the total amount imposed on any one person in each calendar year may not exceed $25,000 for violations of one requirement.

B. Criminal penalties for non-compliance are fines up to $65,000 and one year in prison for each requirement or prohibition violated.

C. Criminal penalties for willful violation are fines up to $60,000 and one year in prison for each requirement or prohibition violated.

D. Criminal penalties for violations committed under "false pretenses are fines up to $100,000 and five years in prison for each requirement or prohibition violated.

E. Criminal penalties for violations committed with the intent to sell, transfer, or use PHI for commercial advantage, personal gain or malicious harm are fines up to $250,000 and ten years in prison for each requirement or prohibition violated.

The transaction number assigned to the Benefit Enrollment and Maintenance transaction is:

A. 270

B. 276

C. 278

D. 280

E. 834

A covered entity must adopt policies and procedures governing disclosures of PHI that identify:

A. The types of financial information to be disclosed.

B. The specific individuals or entities to which disclosure would be made.

C. The types of persons who would receive PHI.

D. The conditions that would not apply to disclosure of PHI

E. The criteria for reviewing requests for routine disclosure of PHI.

The Health Care Claim Status Response (277) can be used in a number of ways. Select the correct usage.

A. As a response to a health care claim status request

B. As a health care claim payment advice

C. Electronic funds transfer

D. As a request for health care claims status

E. Request for the psychotherapy notes of a patient