HCCA-CHPC EXAM LATEST 2023-2024 ACTUAL EXAM 400 QUESTIONS AND CORRECT DETAILED ANSWERS WITH RATIONALES (VERIFIED ANSWERS) |AGRADE

      HCCA-CHPC EXAM LATEST 2023-2024 ACTUAL
      EXAM 400 QUESTIONS AND CORRECT
      DETAILED ANSWERS WITH RATIONALES
      (VERIFIED ANSWERS) |AGRADE
      Which of the following is not listed as a physical safeguard in the
      Security Rule (Subpart C)?
      A. Facility Access Controls
      B. Automatic Log Off
      C. Workstation Use
      D. Workstation Security - ANSWER- B. Automatic Log Off
      Rationale: Automatic log off, passwords, encryption, unique user ID are
      examples of technical safeguards, not physical.
      Which of the following is not listed as a physical safeguard in the
      Security Rule (Subpart C)?
      A. Facility Access Plan
      B. Disposal processes
      C. Data backup and storage
      D. Unique user ID - ANSWER- D. Unique user ID
      Rationale: Automatic log off, passwords, encryption, unique user ID are
      examples of technical safeguards, not physical.

      True or False:
      Covered entities, such as physician's offices, may use patient sign-in
      sheets or call out patient names in waiting rooms, so long as the
      information disclosed is appropriately limited. - ANSWER- TRUE
      Rationale: The HIPAA Privacy Rule explicitly permits the incidental
      disclosures that may result from this practice. For example, the sign-in
      sheet may not display medical information that is not necessary for the
      purpose of signing in (e.g., the medical problem for which the patient is
      seeing the physician). See 45 CFR 164.502(a)(1)(iii).Ref.
      In determining the amount of any civil money penalty for violations of
      HIPAA, the following factors are considered:
      a. The nature and extent of the violation.
      b. The nature and extent of the harm resulting from the violation.
      c. The history of prior compliance with the administrative simplification
      provisions, including violations, by the covered entity or business
      associate.
      d. The financial condition of the covered entity or business associate.
      e. Such other matters as justice may require.
      f. All of the above - ANSWER- f. All of the above
      Under HIPAA, a covered entity is required to disclose Protected Health
      Information (PHI) when:

      a. the disclosure is requested by the police department
      b. a subpoena signed by an attorney is received
      c. the disclosure is required by medical staff bylaws
      d. the Secretary of DHHS requests the information - ANSWER- d. the
      Secretary of DHHS requests the information
      A privacy professional is reviewing a program for an academic medical
      center that include a faculty group practice, hospital, student health
      center, and self-funded group health plan. The privacy professional
      should evaluate if the program has notices for:
      a. GINA
      b. FMLA
      c. HIPAA
      d. FISMA - ANSWER- c. HIPAA
      A health system implemented an EHR in 55 clinics. The privacy
      professional is told employees are inconsistently interpreting the policy
      addressing employee access to EHR. Which of the following is the
      privacy professional's BEST strategy?
      a. Collaborate with HR to ensure appropriate discipline
      b. Perform an audit under Attorney-Client Privilege
      c. Conduct surveys of clinic employees concerns
      d. Audit a random sampling of clinics across the organization -
      ANSWER- c. Conduct surveys of clinic employees concerns

      A privacy professional is assisting IT with the development of proper
      controls to protect the privacy of the organization's data. Which of the
      following is an employee-related control?
      a. Breach response procedures
      b. Annual evaluations
      c. Contractual requirements
      d. User passwords - ANSWER- d. User passwords
      The primary purpose of a privacy exit interview is to:
      a. Meet HITECH requirements
      b. Prevent whistleblower lawsuits
      c. Evaluate for rehire
      d. Determine the appropriate discipline - ANSWER- b. Prevent
      whistleblower lawsuits
      Rationale: Best practice is to conduct these far in advance (don't wait
      until last day); spend enough time to collect information, identify any
      issues for management that could be otherwise unknown.
      Exit Interviews are part of an effective compliance program.
      Should be perform by the Compliance Officer
      Create a policy to specify process
      Use open-ended questions, include questions such how their departing
      experience has been, if any concerns, issues, violations the employee
      would like to let you know for management to address, etc.



No comments found.
Login to post a comment
This item has not received any review yet.
Login to review this item
No Questions / Answers added yet.
Price $31.00
Add To Cart

Buy Now
Category Exams and Certifications
Comments 0
Rating
Sales 0

Buy Our Plan

We have

The latest updated Study Material Bundle with 100% Satisfaction guarantee

Visit Now
{{ userMessage }}
Processing