Domain 2 RHIA Study Questions
WITH Answers 100% Pass
The legal health record for disclosure consists of:
a. Any and all protected health information data collected or used by a healthcare
entity when delivering care
b. Only the protected health information requested by an attorney for a legal
proceeding
c. The data, documents, reports, and information that comprise the formal
business records of any healthcare entity that are to be utilized during legal
proceedings
d. All of the data and information included in the HIPAA Designated Record Set -
CORRECT ANSWER-c. The data, documents, reports, and information that
comprise the formal business records of any healthcare entity that are to be utilized
during legal proceedings
The concept of legal health records was created to describe the data, documents,
reports, and information that comprise the formal business record(s) of any
,healthcare organization that are to be utilized during legal proceedings.
Understanding legal health records requires knowledge of not only what comprises
business records used as legal health records, but also the processes as well as the
physical and electronic systems used to manage these records
John is the privacy officer at General Hospital and conducts audit trail checks as
part of his job duties. What does an audit trail check for?
a. Loss of data
b. Presence of a virus
c. Successful completion of a backup
d. Unauthorized access to a system - CORRECT ANSWER-d. Unauthorized
access to a system
An audit trail is a chronological set of computerized records that provides evidence
of a computer system utilization (log-ins and log-outs, file accesses) used to
determine security violations
A professional basketball player from the local team was admitted to your facility
for a procedure. During this patient's hospital stay, access logs may need to be
checked daily in order to determine:
COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED
,a. Whether access by employees is appropriate
b. If the patient is satisfied with their stay
c. If it is necessary to order prescriptions for the patient
d. Whether the care to the patient meets quality standards - CORRECT
ANSWER-a. Whether access by employees is appropriate
In order to maintain patient privacy, certain audits may need to be completed daily.
If a highprofile patient is currently in a facility, for example, access logs may need
to be checked daily to determine whether all access to this patient's information by
the workforce is appropriate
An outpatient laboratory routinely mails the results of health screening exams to its
patients. The lab has received numerous complaints from patients who have
received another patient's health information. Even though multiple complaints
have been received, no change in process has occurred because the error rate is
low in comparison to the volume of mail that is processed daily for the lab. How
should the Privacy Officer for this healthcare entity respond to this situation?
a. Determine why the lab results are being sent to incorrect patients and train the
laboratory staff on the HIPAA Privacy Rule
b. Fire the responsible employees
c. Do nothing, as these types of errors occur in every healthcare entity
, d. Retrain the entire hospital entity because these types of errors could result in a
huge fine from the Office of Inspector General - CORRECT ANSWER-a.
Determine why the lab results are being sent to incorrect patients and train the
laboratory staff on the HIPAA Privacy Rule
This situation must be corrected. The privacy officer should complete a process
flow and identify the areas where a breakdown in the process is resulting in a
complaint of mailing the report to the wrong patient. It is important for the
covered entity to take as many precautions as possible to ensure compliance by its
workforce. Training is necessary in this situation to mitigate this type of error
Anywhere Hospital's coding staff will be working remotely. The entity wants to
ensure that they are complying with the HIPAA Security Rule. What type of
network uses a private tunnel through the Internet as a transport medium that will
allow the transmission of ePHI to occur between the coder and the facility
securely?
a. Intranet
b. Local area network
c. Virtual private network
d. Wide area network - CORRECT ANSWER-c. Virtual private network
COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED
WITH Answers 100% Pass
The legal health record for disclosure consists of:
a. Any and all protected health information data collected or used by a healthcare
entity when delivering care
b. Only the protected health information requested by an attorney for a legal
proceeding
c. The data, documents, reports, and information that comprise the formal
business records of any healthcare entity that are to be utilized during legal
proceedings
d. All of the data and information included in the HIPAA Designated Record Set -
CORRECT ANSWER-c. The data, documents, reports, and information that
comprise the formal business records of any healthcare entity that are to be utilized
during legal proceedings
The concept of legal health records was created to describe the data, documents,
reports, and information that comprise the formal business record(s) of any
,healthcare organization that are to be utilized during legal proceedings.
Understanding legal health records requires knowledge of not only what comprises
business records used as legal health records, but also the processes as well as the
physical and electronic systems used to manage these records
John is the privacy officer at General Hospital and conducts audit trail checks as
part of his job duties. What does an audit trail check for?
a. Loss of data
b. Presence of a virus
c. Successful completion of a backup
d. Unauthorized access to a system - CORRECT ANSWER-d. Unauthorized
access to a system
An audit trail is a chronological set of computerized records that provides evidence
of a computer system utilization (log-ins and log-outs, file accesses) used to
determine security violations
A professional basketball player from the local team was admitted to your facility
for a procedure. During this patient's hospital stay, access logs may need to be
checked daily in order to determine:
COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED
,a. Whether access by employees is appropriate
b. If the patient is satisfied with their stay
c. If it is necessary to order prescriptions for the patient
d. Whether the care to the patient meets quality standards - CORRECT
ANSWER-a. Whether access by employees is appropriate
In order to maintain patient privacy, certain audits may need to be completed daily.
If a highprofile patient is currently in a facility, for example, access logs may need
to be checked daily to determine whether all access to this patient's information by
the workforce is appropriate
An outpatient laboratory routinely mails the results of health screening exams to its
patients. The lab has received numerous complaints from patients who have
received another patient's health information. Even though multiple complaints
have been received, no change in process has occurred because the error rate is
low in comparison to the volume of mail that is processed daily for the lab. How
should the Privacy Officer for this healthcare entity respond to this situation?
a. Determine why the lab results are being sent to incorrect patients and train the
laboratory staff on the HIPAA Privacy Rule
b. Fire the responsible employees
c. Do nothing, as these types of errors occur in every healthcare entity
, d. Retrain the entire hospital entity because these types of errors could result in a
huge fine from the Office of Inspector General - CORRECT ANSWER-a.
Determine why the lab results are being sent to incorrect patients and train the
laboratory staff on the HIPAA Privacy Rule
This situation must be corrected. The privacy officer should complete a process
flow and identify the areas where a breakdown in the process is resulting in a
complaint of mailing the report to the wrong patient. It is important for the
covered entity to take as many precautions as possible to ensure compliance by its
workforce. Training is necessary in this situation to mitigate this type of error
Anywhere Hospital's coding staff will be working remotely. The entity wants to
ensure that they are complying with the HIPAA Security Rule. What type of
network uses a private tunnel through the Internet as a transport medium that will
allow the transmission of ePHI to occur between the coder and the facility
securely?
a. Intranet
b. Local area network
c. Virtual private network
d. Wide area network - CORRECT ANSWER-c. Virtual private network
COPYRIGHT ©️ 2025 ALL RIGHTS RESERVED
