©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
HCCA - CHPC Study Questions with
100% Correct Answers
What is the purpose of HIPAA? - Answer✔️✔️-• Protect PHI from
unauthorized disclosure/use;
• Prevent fraud, waste and abuse (via Administrative Simplification);
• Make health insurance portable under ERISA;
• Move health care onto a nationally standardized electronic billing
platform
Ref. https://quizlet.com/6202453/hcca-chpc-overview-flash-cards/
More on HIPAA: https://www.hhs.gov/hipaa/index.html
HIPAA resides in which CFR section? - Answer✔️✔️-45 CFR sections
164.102 through 164.534
https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164
What are the subparts of HIPAA part 164? - Answer✔️✔️-HIPAA - 45 CFR
164, subparts:
Subpart A - General rules
1
, ©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
Subpart C - Security
Subpart D - Breach notification
Subpart E - Privacy
https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164
How do you determine if an organization is a "Covered Entity"? -
Answer✔️✔️-1. compare if the organization meets one of the 3 types of CE
(provider, health plan, clearinghouse)
and
2. determine if the organization electronically transmits one of the 9
defined transactions:
• Health claims or equivalent encounter information
• Health claims attachments
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health care payment and remittance advice
• Health plan premium payments
• First report of injury
• Health claim status
2
, ©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
• Referral certification and authorization
In addition, business associates of covered entities must follow parts of the
HIPAA regulations.
https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-
consumers/index.html
This Act established in 1974 was created for government agencies placing
restrictions on how the government can share the information maintained
in Federal systems of records that might infringe on an individual's privacy
rights with other individuals and agencies. - Answer✔️✔️-The Privacy Act of
1974
Which of the following is not considered a HIPAA Entity Designation:
1. Affiliated covered entity
2. Entity that performs healthcare and non-healthcare component activities
including both covered and non-covered functions
3. A group health plan
4. Contract arrangement with FEDEX carrier - Answer✔️✔️-4. Contract
arrangement with FEDEX carrier
What is Gramm-Leach-Bliley Act (GLBA)? - Answer✔️✔️-Gramm-Leach-
Bliley Act (GLBA), also known as the Financial Services Modernization Act
3
, ©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
of 1999, includes The Financial Privacy Rule and The Safeguards Rule
requires all financial institutions to protect customer's personal financial
information.
What is an OHCA? - Answer✔️✔️-OHCA (Organized Health Care
Arrangement) it's a clinically integrated care setting where individuals
receive health care from more than one provider.
These are joint arrangements/activities and have an Integrated Delivery
System for easy exchange of PHI data. See 45 CFR 160.103. OHCAs can also
utilize a joint NPP. See 45 CFR § 164.520(d).
ACE (Affiliated Covered Entity) do not have an Integrated Delivery System
because these are legally separate covered entities that are associated in
business, or affiliated as a result of some common control or ownership.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations purposes
(TPO).
What's an ACE? - Answer✔️✔️-ACE (Affiliated Covered Entity)
Legally separate covered entities that share common control/ownership
and designate themselves as a single CE for the purpose of complying with
the HIPAA Privacy standards.
4
HCCA - CHPC Study Questions with
100% Correct Answers
What is the purpose of HIPAA? - Answer✔️✔️-• Protect PHI from
unauthorized disclosure/use;
• Prevent fraud, waste and abuse (via Administrative Simplification);
• Make health insurance portable under ERISA;
• Move health care onto a nationally standardized electronic billing
platform
Ref. https://quizlet.com/6202453/hcca-chpc-overview-flash-cards/
More on HIPAA: https://www.hhs.gov/hipaa/index.html
HIPAA resides in which CFR section? - Answer✔️✔️-45 CFR sections
164.102 through 164.534
https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164
What are the subparts of HIPAA part 164? - Answer✔️✔️-HIPAA - 45 CFR
164, subparts:
Subpart A - General rules
1
, ©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
Subpart C - Security
Subpart D - Breach notification
Subpart E - Privacy
https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164
How do you determine if an organization is a "Covered Entity"? -
Answer✔️✔️-1. compare if the organization meets one of the 3 types of CE
(provider, health plan, clearinghouse)
and
2. determine if the organization electronically transmits one of the 9
defined transactions:
• Health claims or equivalent encounter information
• Health claims attachments
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health care payment and remittance advice
• Health plan premium payments
• First report of injury
• Health claim status
2
, ©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
• Referral certification and authorization
In addition, business associates of covered entities must follow parts of the
HIPAA regulations.
https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-
consumers/index.html
This Act established in 1974 was created for government agencies placing
restrictions on how the government can share the information maintained
in Federal systems of records that might infringe on an individual's privacy
rights with other individuals and agencies. - Answer✔️✔️-The Privacy Act of
1974
Which of the following is not considered a HIPAA Entity Designation:
1. Affiliated covered entity
2. Entity that performs healthcare and non-healthcare component activities
including both covered and non-covered functions
3. A group health plan
4. Contract arrangement with FEDEX carrier - Answer✔️✔️-4. Contract
arrangement with FEDEX carrier
What is Gramm-Leach-Bliley Act (GLBA)? - Answer✔️✔️-Gramm-Leach-
Bliley Act (GLBA), also known as the Financial Services Modernization Act
3
, ©SOPHIABENNET@2024-2025 Thursday, August 22, 2024 10:21 AM
of 1999, includes The Financial Privacy Rule and The Safeguards Rule
requires all financial institutions to protect customer's personal financial
information.
What is an OHCA? - Answer✔️✔️-OHCA (Organized Health Care
Arrangement) it's a clinically integrated care setting where individuals
receive health care from more than one provider.
These are joint arrangements/activities and have an Integrated Delivery
System for easy exchange of PHI data. See 45 CFR 160.103. OHCAs can also
utilize a joint NPP. See 45 CFR § 164.520(d).
ACE (Affiliated Covered Entity) do not have an Integrated Delivery System
because these are legally separate covered entities that are associated in
business, or affiliated as a result of some common control or ownership.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations purposes
(TPO).
What's an ACE? - Answer✔️✔️-ACE (Affiliated Covered Entity)
Legally separate covered entities that share common control/ownership
and designate themselves as a single CE for the purpose of complying with
the HIPAA Privacy standards.
4
