CPMA EXAM 2022 Med Records and
Documentation guidelines Questions And
Answers
Covered entities under HIPAAs Privacy rule include?
a. an employer based and maintained health plan with 50 or less employees
b. health care clearinghouses
c. Government-funded community health centers
d. all of the above. b. health care clearinghouses along with Health plans and health care
providers
When does the Privacy Rule permit use and disclosure of specific PHI without an individuals
authorization or permission?
a. Health oversight activities
b. worker's compensation
c. research
d. all of the above d. all of the above; There are 12 national priority purposes total.
PHI where certain specified direct identifiers have been removed is called?
a. minimum necessary
, CPMA EXAM 2022 Med Records and
Documentation guidelines Questions And
Answers
b. limited data set
c. confidential health data set
d. minimum PHI data b. limited data set; may be used for research, healthcare operations,
and public health purposes as long as there is an agreement with promised PHI safeguards in
place.
Privacy policies must be maintained by covered entities for how many years, after the later of the
date of creation, or last effective date?
a. 10
b. 5
c. 6
d. 3 c. 6 years
Who is responsible for administering and enforcing the standards set forth in the Privacy Rule? a.
OIG b. HHS OCR c. HITECH d. HIPAA b. HHS OCR; Health and Human Services
Office for Civil Rights may conduct compliant investigations and compliance reviews.
Who is responsible for criminal prosecutions under the Privacy Rule?
Documentation guidelines Questions And
Answers
Covered entities under HIPAAs Privacy rule include?
a. an employer based and maintained health plan with 50 or less employees
b. health care clearinghouses
c. Government-funded community health centers
d. all of the above. b. health care clearinghouses along with Health plans and health care
providers
When does the Privacy Rule permit use and disclosure of specific PHI without an individuals
authorization or permission?
a. Health oversight activities
b. worker's compensation
c. research
d. all of the above d. all of the above; There are 12 national priority purposes total.
PHI where certain specified direct identifiers have been removed is called?
a. minimum necessary
, CPMA EXAM 2022 Med Records and
Documentation guidelines Questions And
Answers
b. limited data set
c. confidential health data set
d. minimum PHI data b. limited data set; may be used for research, healthcare operations,
and public health purposes as long as there is an agreement with promised PHI safeguards in
place.
Privacy policies must be maintained by covered entities for how many years, after the later of the
date of creation, or last effective date?
a. 10
b. 5
c. 6
d. 3 c. 6 years
Who is responsible for administering and enforcing the standards set forth in the Privacy Rule? a.
OIG b. HHS OCR c. HITECH d. HIPAA b. HHS OCR; Health and Human Services
Office for Civil Rights may conduct compliant investigations and compliance reviews.
Who is responsible for criminal prosecutions under the Privacy Rule?
