A business associate must agree to:
A. Report to the covered entity any security incident of which it becomes aware
B. Ensure the complete safety of all electronic protected health information
C. Compensate the covered entity for penalties incurred because of the business associate's security incidents.
D. Register as a business associate with HHS
E. Submit to periodic audits by HHS of critical systems containing electronic protected health information
Which one of the following security standards is part of Technical Safeguards?
A. Access control
B. Security Management Process
C. Facility Access Controls
D. Workstation Use
E. Device and Media Controls
Select the correct statement regarding the administrative requirements of the HIPAA privacy rule
A. A covered entity must apply disciplinary sanctions against members of its workforce who fail to comply with the privacy policies and procedures of the covered entity.
B. A covered entity need not train all members of its workforce whose functions are materially affected by a change in policy or procedure
C. A covered entity must designate, and document, a contact person responsible for receiving acknowledgements of Notice of Privacy Practice.
D. A covered entity may require individuals to waive their rights.
E. A covered entity must provide maximum safeguards for PHI from any intentional or unintentional use or disclosure that is in violation of the regulations and to limit incidental uses and disclosures made pursuant to permitted or required use or disclosure.
Select the FALSE statement regarding the responsibilities of providers with direct treatment relationships under HIPAA's privacy rule.
A. Provide the individual with a Notice of Privacy Practices that describes the use of PHI.
B. Obtain a written authorization for each and every TPO event.
C. Obtain a written authorization for any disclosure or use of PHI other than for the purposes of TPO.
D. Provide access to the PHI that it maintains to the individual and make reasonable efforts to correct possible errors when requested by the individual.
E. Establish procedures to receive complaints relating to the handling of PHI.
Individually identifiable health information (IIHI) includes information that is:
A. Transmitted to a business associate for payment purposes only.
B. Stored on a smart card only by the patient.
C. Created or received by a credit company that provided a personal loan for surgical procedures.
D. Created or received by a health care clearinghouse for claim processing.
E. Requires the use of biometrics for access to records.
Which one of the following is a required implementation specification of the Security Management Process?
A. Risk Analysis
B. Access Control and Validation Procedures
C. Integrity Controls
D. Access Authorization
E. Termination Procedures
A business associate:
A. Requires PKI for the provider and the patient.
B. Is electronically stored information about an individual's lifetime health status and health care.
C. Is another name for an HMO.
D. Identifies all non-profit organizations.
E. Is a person or an entity that on behalf of the covered entity performs or assists in the performance of a function or activity involving the use or disclosure of health-related information.
Within the context of a transaction set, the fields that comprise a hierarchical level are referred to as a(n):
A. Loop
B. Enumerator.
C. Identifier.
D. Data segment.
E. Code set.
Health information is protected by the Privacy Rule as long as:
A. The authorization has been revoked by the physician
B. The patient remains a citizen of the United States.
C. The information is under the control of HHS.
D. The information is in the possession of a covered entity.
E. The information is not also available on paper forms.
The Security Rule requires that the covered entity identifies a security official who is responsible for the development and implementation of the policies and procedures. This is addressed under which security standard?:
A. Security incident Procedures
B. Response and Reporting
C. Assigned Security Responsibility
D. Termination Procedures
E. Facility Access Controls
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HIPAA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your HIO-201 exam preparations and HIPAA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.